DocumentCode :
3293889
Title :
Managing Malicious Insider Risk through BANDIT
Author :
Berk, Vincent H. ; Cybenko, George ; Souza, Ian Gregorio-de ; Murphy, John P.
Author_Institution :
Thayer Sch. of Eng., Dartmouth Coll., Hanover, NH, USA
fYear :
2012
fDate :
4-7 Jan. 2012
Firstpage :
2422
Lastpage :
2430
Abstract :
The transition from system- to information-based security has continued steadily over the last 30 years. Correspondingly, it is increasingly not the computer that is at risk, but the information in it. The human operator is ultimately the cornerstone of information security, an integral part of the information infrastructure. We are therefore forced to use techniques and methods that help us understand the role of human actors in the information infrastructure, so that we may make meaningful progress in mitigating insider threat. Malicious versus benign human behavior cannot easily be categorized based on a signature such as conventional virus and intrusion detection approaches. Because the cost of a false positive is high, we must be careful in our classification and subsequent actions. This article outlines our BANDIT (Behavioral Anomaly Detection for Insider Threat) system, using the traditional notion of Motive, Means, and Opportunity, combined with comprehensive behavioral analysis techniques to place each individual on a sliding scale of 'insider risk'. Finally, an insider threat detection cost-benefit analysis, based on classical risk assessment techniques, is presented to quantify how effective the technology has to be for beneficial deployment in a given enterprise.
Keywords :
cost-benefit analysis; information networks; invasive software; risk management; BANDIT system; behavioral anomaly detection for insider threat; benign human behavior; comprehensive behavioral analysis techniques; computer virus; cost-benefit analysis; human operator; information infrastructure; information security; intrusion detection approaches; malicious insider risk management; threat detection; Context; Electronic mail; Frequency measurement; Humans; Security; Vectors; insider threat; network behavioral analysis; social network analysis;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
System Science (HICSS), 2012 45th Hawaii International Conference on
Conference_Location :
Maui, HI
ISSN :
1530-1605
Print_ISBN :
978-1-4577-1925-7
Electronic_ISBN :
1530-1605
Type :
conf
DOI :
10.1109/HICSS.2012.420
Filename :
6149308