Enhanced Insider Threat Detection Model that Increases Data Availability

  • Conference paper
Distributed Computing and Internet Technology (ICDCIT 2011)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 6536)

Abstract

This paper demonstrates how to prevent or mitigate insider threats in relational databases. It shows how different orders of access to the same data items may pose different levels of threat. Moreover, it states the conditions that are required to regard a data item as expired. In addition, it introduces the two different methods of executing insiders’ tasks and shows how to prevent insider threats in each. The models presented in this paper organize accesses to data items in a particular sequence so that the availability of data items is maximized and the expected threat is minimized to the lowest level. Furthermore, it determines when to give an insider an incorrect but acceptable value of a risky data item in order to prevent a possible threat.




Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yaseen, Q., Panda, B. (2011). Enhanced Insider Threat Detection Model that Increases Data Availability. In: Natarajan, R., Ojo, A. (eds) Distributed Computing and Internet Technology. ICDCIT 2011. Lecture Notes in Computer Science, vol 6536. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-19056-8_20


  • DOI: https://doi.org/10.1007/978-3-642-19056-8_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-19055-1

  • Online ISBN: 978-3-642-19056-8

  • eBook Packages: Computer Science, Computer Science (R0)
