Abstract
Addressing the insider threat using a systematic and formulated methodology is an inherently difficult process. This is because the problem is typically viewed in an abstract manner and a sufficient method for defining a way to categorically represent the threat has not been developed. The solution requires a security model that clearly identifies a process for classifying malicious insider activities. To be effective the model must compartmentalize the threat and attack it consistently. The purpose of this paper is to present a methodology for accurately defining the malicious insider and describe a process for addressing the threat in a systematic manner. Our model presents a definable taxonomy of the malicious insider and demonstrates a method for decomposing the abstract threat into a solvable and analyzable process.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Anderson, R., Bozek, T., Longstaff, T., Meitzler, W., Skroch, M., Van Wyk, K.: Research on Mitigating the Insider Threat to Information Systems. In: Proceedings of the Insider Workshop. CF-163-DARPA. Arlington, VA (2000)
Chinchani, R., Iyer, A., Ngo, H., Upadhyaya, S.: Towards a Theory of Insider Threat Assessment. In: Proceedings of the 2005 International Conference on Dependable Systems and Networks (DSN 2005), Yokohama, Japan, June 28–July 01 (2005)
Daley, K., Larson, R., Dawkins, J.: A Structural Framework for Modeling Multi-Stage Network Attacks. In: Proceedings of the IEEE International Conference on Parallel Processing Workshops, pp. 5–10 (2002)
Jha, S., Sheyner, O., Wing, J.: Two Formal Analyses of Attack Graphs. In: Proceedings of the 15th IEEE Computer Security Foundations Workshop, p. 49 (2002)
Phillips, C., Swiler, L.: A Graph-Based system for network vulnerability analysis. In: ACM New Security Paradigms Workshop, pp. 71–79 (1998)
Randazzo, M., Keeney, M., Kowalski, E., Cappelli, D., Moore, A.: Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector. U.S. Secret Service and CERT Coordination Center/SEI (2004)
Schneier, B.: Secrets and Lies, pp. 318–333. Wiley Publishing, Chichester (2000)
Sheyner, O., Haines, J., Jha, S., Lippman, R., Wing, J.: Automated Generation and Analysis of Attack Graphs. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 254–265 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Butts, J.W., Mills, R.F., Baldwin, R.O. (2005). Developing an Insider Threat Model Using Functional Decomposition. In: Gorodetsky, V., Kotenko, I., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2005. Lecture Notes in Computer Science, vol 3685. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11560326_32
Download citation
DOI: https://doi.org/10.1007/11560326_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29113-8
Online ISBN: 978-3-540-31998-6
eBook Packages: Computer ScienceComputer Science (R0)