Title :
Towards a theory of insider threat assessment
Author :
Chinchani, Ramkumar ; Iyer, Anusha ; Ngo, Hung Q. ; Upadhyaya, Shambhu
Author_Institution :
Buffalo Univ., NY, USA
fDate :
28 June-1 July 2005
Abstract :
Insider attacks are a well-known problem acknowledged as a threat as early as 1980s. The threat is attributed to legitimate users who abuse their privileges, and given their familiarity and proximity to the computational environment, can easily cause significant damage or losses. Due to the lack of tools and techniques, security analysts do not correctly perceive the threat, and hence consider the attacks as unpreventable. In this paper, we present a theory of insider threat assessment. First, we describe a modeling methodology which captures several aspects of insider threat, and subsequently, show threat assessment methodologies to reveal possible attack strategies of an insider.
Keywords :
computer crime; insider attacks; insider threat assessment theory; legitimate users; Authorization; Human factors; Monitoring; Protection; Reconnaissance; Security; Subcontracting;
Conference_Titel :
Dependable Systems and Networks, 2005. DSN 2005. Proceedings. International Conference on
Print_ISBN :
0-7695-2282-3
DOI :
10.1109/DSN.2005.94
