Sponsor: SIGSAC
It is our great pleasure to welcome you to the 8th ACM CCS International Workshop on Managing Insider Security Threats -- MIST'16.
Since 2009, the MIST workshop, which aims to showcase novel proactive approaches to prevent, detect, and respond to insider threats and information leakages, has been held as follows.
1st MIST (in conjunction with IFIPTM 2009): June 16, 2009, West Lafayette, USA
2nd MIST (in conjunction with IFIPTM 2010): June 15, 2010, Morioka, Iwate, Japan
3rd MIST (in conjunction with InCos 2011): December 1-2, 2011, Fukuoka, Japan
4th MIST: November 8-9, 2012, Kyushu University, Fukuoka, Japan
5th MIST: October 24-25, 2013, Pukyong National University, Busan, Rep. of Korea
6th MIST: November 21-22, 2014, Konkuk University, Seoul, Rep. of Korea
7th MIST (in conjunction with ACM CCS 2015): October 16, 2015, The Denver Marriott City Center, Denver, Colorado, USA
This year, MIST'16 continues to play its important role as the leading forum for bringing together researchers from academia and industry as well as practitioners to discuss the latest research challenges and advances in managing insider security threats. This year, we accepted 8 highly qualified papers among a total of 22 submissions (with an acceptance rate of 36.4%) after a rigorous peer-review process where each submission was reviewed by at least three technical program committee members. In addition, 7 short papers were selected for short oral and poster presentation at MIST'16. We expect that MIST'16 will promote further related research and technology enhancements in this significant security area.
Proceeding Downloads
A Grey-Box Approach for Detecting Malicious User Interactions in Web Applications
Web applications are the core enabler for most Internet services today. Their standard interfaces allow them to be composed together in different ways in order to support different service workflows. While the modular composition of applications has ...
Restricting Insider Access Through Efficient Implementation of Multi-Policy Access Control Systems
The American National Standards Institute (ANSI) has standardized an access control approach, Next Generation Access Control (NGAC), that enables simultaneous instantiation of multiple access control policies. For large complex enterprises this is ...
Towards Formal Analysis of Insider Threats for Auctions
This paper brings together the world of insider threats and auctions. For online-auction systems, like eBay, but also for high-value one-off auction algorithms as they are used for selling radio wave frequencies, the use of rigorous machine supported ...
Studying Naive Users and the Insider Threat with SimpleFlow
Most access control systems prohibit illicit actions at the moment they seem to violate a security policy. While effective, such early action often clouds insight into the intentions behind negligent or willful security policy violations. Furthermore, ...
A New Take on Detecting Insider Threats: Exploring the Use of Hidden Markov Models
The threat that malicious insiders pose towards organisations is a significant problem. In this paper, we investigate the task of detecting such insiders through a novel method of modelling a user's normal behaviour in order to detect anomalies in that ...
Cyber Deception: Virtual Networks to Defend Insider Reconnaissance
- Stefan Achleitner,
- Thomas La Porta,
- Patrick McDaniel,
- Shridatt Sugrim,
- Srikanth V. Krishnamurthy,
- Ritu Chadha
Advanced targeted cyber attacks often rely on reconnaissance missions to gather information about potential targets and their location in a networked environment to identify vulnerabilities which can be exploited for further attack maneuvers. Advanced ...
Pragmatic Security: Modelling IT Security Management Responsibilities for SME Archetypes
Here we model the indirect costs of deploying security controls in small-to-medium enterprises (SMEs) to manage cyber threats. SMEs may not have the in-house skills and collective capacity to operate controls efficiently, resulting in inadvertent data ...
Ports Distribution Management for Privacy Protection inside Local Domain Name System
Domain Name System (DNS) had been recognized as an indispensable and fundamental infrastructure of current Internet. However, due to the original design philosophy and easy access principle, one can conveniently wiretap the DNS requests and responses. ...
Function-Based Access Control (FBAC): From Access Control Matrix to Access Control Tensor
The misuse of legitimate access to data is a serious information security concern for both organizations and individuals. From a security engineering viewpoint, this might be due to the failure of access control. Inspired by Functional Encryption, we ...
WatchIT: Who Watches Your IT Guy?
System administrators have unlimited access to system resources. As the Snowden case shows, these permissions can be exploited to steal valuable personal, classified, or commercial data. In this work we propose a strategy that increases the ...
A New Risk Assessment Framework Using Graph Theory for Complex ICT Systems
In this paper, we propose a new risk analysis framework that enables to supervise risks in complex and distributed systems. Our contribution is twofold. First, we provide the Risk Assessment Graphs (RAGs) as a model of risk analysis. This graph-based ...
Online and Offline Security Policy Assessment
Network architectures and applications are becoming increasingly complex. Several approaches to automatically enforce configurations on devices, applications and services have been proposed, such as Policy-Based Network Management (PBNM). However, the ...
A Tripwire Grammar for Insider Threat Detection
The threat from insiders is an ever-growing concern for organisations, and in recent years the harm that insiders pose has been widely demonstrated. This paper describes our recent work into how we might support insider threat detection when actions are ...
Discovering Insider Threats from Log Data with High-Performance Bioinformatics Tools
Since the number of cyber attacks by insider threats and the damage caused by them has been increasing over the last years, organizations are in need for specific security solutions to counter these threats. To limit the damage caused by insider threats,...
Analysis on Manipulation of the MAC Address and Consequent Security Threats
In this paper, we analyze manipulation methods of the MAC address and consequent security threats. The Ethernet MAC address is known to be unchanged, and so is highly considered as platform-unique information. For this reason, various services are ...