- Sponsor: SIGSAC
It is our great pleasure to welcome you to the 7th ACM CCS International Workshop on Managing Insider Security Threats -- MIST'15.
Recently, there has been a significant increase in insider attacks by authorized users. Compared to outsider attacks, they have greater potential to cause severe damage, and are therefore regarded as one of the most important security threats to governments, companies, institutes and so forth.
The MIST workshop aims to showcase novel proactive approaches to prevent, detect, and respond to insider threats and information leakages. Its history is as follows:
1st MIST (in conjunction with IFIPTM 2009): June 16, 2009, West Lafayette, USA
2nd MIST (in conjunction with IFIPTM 2010): June 15, 2010, Morioka, Iwate, Japan
3rd MIST (in conjunction with InCos 2011): December 1-2, 2011, Fukuoka, Japan
4th MIST: November 8-9, 2012, Kyushu University, Fukuoka, Japan
5th MIST: October 24-25, 2013, Pukyong National University, Busan, Rep. of Korea
6th MIST: November 21-22, 2014, Konkuk University, Seoul, Rep. of Korea
This year, MIST'15 continues its tradition of being the leading forum for bringing together researchers from academia and industry as well as practitioners to discuss the latest research challenges and advances in managing insider security threats. We accepted 6 papers out of a total of 14 submissions (an acceptance rate of 43%) after a rigorous peer-review process in which each submission was reviewed by at least three TPC members. Moreover, MIST'15 features the invited talk "Detecting Insider Threats: Who Is Winning the Game?" by Dr. William R. Claycomb, the panel discussion "Cyber Threats to Industrial Control Systems" by Prof. Kangbin Yim et al., and four poster presentations.
We believe that MIST'15 serves as a meaningful trigger for further related research and technology improvements in this important subject.
Proceeding Downloads
Insider Threats: Identifying Anomalous Human Behaviour in Heterogeneous Systems Using Beneficial Intelligent Software (Ben-ware)
- Andrew Stephen McGough,
- David Wall,
- John Brennan,
- Georgios Theodoropoulos,
- Ed Ruck-Keene,
- Budi Arief,
- Carl Gamble,
- John Fitzgerald,
- Aad van Moorsel,
- Sujeewa Alwis
In this paper, we present the concept of "Ben-ware" as a beneficial software system capable of identifying anomalous human behaviour within a 'closed' organisation's IT infrastructure. We note that this behaviour may be malicious (for example, an ...
Detecting Insider Threat from Enterprise Social and Online Activity Data
Insider threat is a significant security risk for organizations. In this paper, we attempt to discover insider threat by identifying abnormal behavior in enterprise social and online activity data of employees. To this end, we process and extract ...
Modelling Social-Technical Attacks with Timed Automata
- Nicolas David,
- Alexandre David,
- Rene Rydhof Hansen,
- Kim G. Larsen,
- Axel Legay,
- Mads Chr. Olesen,
- Christian W. Probst
Attacks on a system often exploit vulnerabilities that arise from human behaviour or other human activity. Attacks of this type, so-called socio-technical attacks, cover everything from social engineering to insider attacks, and they can have a ...
Novel Insider Threat Techniques: Automation and Generation of Ad Hoc Digital Evidence
- Aniello Castiglione,
- Arcangelo Castiglione,
- Alfredo De Santis,
- Barbara Masucci,
- Francesco Palmieri,
- Raffaele Pizzolante
It is well-known that in today's information systems the vast majority of threats are coming from outside. In order to mitigate the effects of those threats several countermeasures have been proposed. Conversely, the same approach has not been adopted ...
Mobile App Security Assessment with the MAVeriC Dynamic Analysis Module
- Alessandro Armando,
- Gianluca Bocci,
- Gabriele Costa,
- Rocco Mammoliti,
- Alessio Merlo,
- Silvio Ranise,
- Riccardo Traverso,
- Andrea Valenza
The security assessment of mobile applications is of paramount importance for both the service providers and their customers. As a matter of fact, nowadays smartphones are the primary access means for the internet of services. Needless to say, malicious ...
Detecting Insider Threats: Who Is Winning the Game?
Preventing, detecting, and responding to malicious insider activity poses a significant challenge to enterprise and organizational security. Studies continue to show the insider threat problem has not abated, and may be increasing. We could speculate on ...
Compliance Control: Managed Vulnerability Surface in Social-Technological Systems via Signaling Games
The agents of an organization, in fulfillment of their tasks, generate a cyber-physical-human trace, which is amenable to formal analysis with modal logic to verify safety and liveness properties. Trusted but non-trustworthy agents within an ...
Secure Power Management Scheme for WSN
Recently, wireless sensor networks (WSNs) have been widely used in military, healthcare, and scientific environments and their sensors are often powered by batteries. So how to lengthen WSN's lifetime is an important challenge. One of the solutions is ...
SKETURE: A Sketch-based Packet Analysis Tool
In this study we introduce SKETURE, a packet analysis tool leveraging a sketch-based architecture. SKETURE generates statistical summaries that describe the behavior of each node in a network without violating users' privacy. It also extracts ...
Towards Insider Threat Detection Using Psychophysiological Signals
Insider threat is one of the greatest concerns for the information security system that could cause greater financial losses and damages than any other attacks. Recently many studies have been proposed to monitor and detect the insider attacks. However, ...
A Preliminary Cyber Ontology for Insider Threats in the Financial Sector
Insider attack has become a major threat in the financial sector and is a very serious and pervasive security problem. Currently, there is no insider threat ontology in this domain and such an ontology is critical to developing countermeasures against ...
Cyber Threats to Industrial Control Systems
Cyber attacks have been a crucial problem on the Internet for more than a couple of decades. As information and communication technologies have been applied to the field systems in the traditional industries, they also have become connected and more ...