Modeling Insider Threat Types in Cyber Organizations

被引：0

作者：

Santos, Eunice E. ^{[1
]}

Santos, Eugene, Jr. ^{[2
]}

Korah, John ^{[1
]}

Thompson, Jeremy E. ^{[2
]}

Murugappan, Vairavan ^{[1
]}

Subramanian, Suresh ^{[1
]}

Zhao, Yan ^{[2
]}

机构：

[1] IIT, Dept Comp Sci, Chicago, IL 60616 USA

[2] Dartmouth Coll, Thayer Sch Engn, Hanover, NH 03755 USA

来源：

2017 IEEE INTERNATIONAL SYMPOSIUM ON TECHNOLOGIES FOR HOMELAND SECURITY (HST) | 2017年

关键词：

Bayesian knowledge bases (BKBs); insider threat; computational modeling; behavioral modeling; social modeling; trust; manipulation; cyber security;

D O I：

暂无

中图分类号：

TM [电工技术]; TN [电子技术、通信技术];

学科分类号：

0808 ; 0809 ;

摘要：

Insider threats can cause immense damage to organizations of different types, including government, corporate, and non-profit organizations. Being an insider, however, does not necessarily equate to being a threat. Effectively identifying valid threats, and assessing the type of threat an insider presents, remain difficult challenges. In this work, we propose a novel breakdown of eight insider threat types, identified by using three insider traits: predictability, susceptibility, and awareness. In addition to presenting this framework for insider threat types, we implement a computational model to demonstrate the viability of our framework with synthetic scenarios devised after reviewing real world insider threat case studies. The results yield useful insights into how further investigation might proceed to reveal how best to gauge predictability, susceptibility, and awareness, and precisely how they relate to the eight insider types.

引用

页数：7

共 50 条

[31] Insider threat detection in cyber-physical systems: a systematic literature review
Al-Mhiqani, Mohammed Nasser
Alsboui, Tariq
Al-Shehari, Taher
Abdulkareem, Karrar hameed
Ahmad, Rabiah
Mohammed, Mazin Abed
COMPUTERS & ELECTRICAL ENGINEERING, 2024, 119
[32] Comprehensiveness of Response to Internal Cyber-Threat and Selection of Methods to Identify the Insider
Zhurin, Sergey Igorevich
JOURNAL OF ICT RESEARCH AND APPLICATIONS, 2015, 8 (03) : 251 - 269
[33] Threat modeling in cyber-physical systems
Fernandez, Eduardo B.
2016 IEEE 14TH INTL CONF ON DEPENDABLE, AUTONOMIC AND SECURE COMPUTING, 14TH INTL CONF ON PERVASIVE INTELLIGENCE AND COMPUTING, 2ND INTL CONF ON BIG DATA INTELLIGENCE AND COMPUTING AND CYBER SCIENCE AND TECHNOLOGY CONGRESS (DASC/PICOM/DATACOM/CYBERSC, 2016, : 448 - 453
[34] Cyber Security Threat Modeling of A Telesurgery System
Al Asif, Md Rashid
Khondoker, Rahamatullah
2020 2ND INTERNATIONAL CONFERENCE ON SUSTAINABLE TECHNOLOGIES FOR INDUSTRY 4.0 (STI), 2020,
[35] GraphCH: A Deep Framework for Assessing Cyber-Human Aspects in Insider Threat Detection
Roy, Krishna Chandra
Chen, Guenevere
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2024, 21 (05) : 4495 - 4509
[36] A method for insider threat assessment by modeling the internal employee interactions
Sepehrzadeh, Hamed
INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2023, 22 (05) : 1385 - 1393
[37] Temporal Semantic Parsing for Insider Threat Activity Modeling and Detection
AlSlaiman, Muhanned
Wang, Christopher
Salman, Mohammed
Asiri, Ahmad
IEEE NATIONAL AEROSPACE AND ELECTRONICS CONFERENCE, NAECON 2024, 2024, : 44 - 49
[38] A method for insider threat assessment by modeling the internal employee interactions
Hamed Sepehrzadeh
International Journal of Information Security, 2023, 22 : 1385 - 1393
[39] Toward an Ontology for Insider Threat Research: Varieties of Insider Threat Definitions
Mundie, David A.
Perl, Sam
Huth, Carly L.
2013 THIRD WORKSHOP ON SOCIO-TECHNICAL ASPECTS IN SECURITY AND TRUST (STAST 2013), 2013, : 26 - 36
[40] Insider threat analysis using information-centric modeling
Ha, D.
Upadhyaya, S.
Ngo, H.
Pramanik, S.
Chinchani, R.
Mathew, S.
ADVANCES IN DIGITAL FORENSIC III, 2007, 242 : 55 - +

← 1 2 3 4 5 →