skip to main content
10.1145/2995959acmconferencesBook PagePublication PagesccsConference Proceedingsconference-collections
MIST '16: Proceedings of the 8th ACM CCS International Workshop on Managing Insider Security Threats
ACM2016 Proceeding
Publisher:
  • Association for Computing Machinery
  • New York
  • NY
  • United States
Conference:
CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security Vienna Austria 28 October 2016
ISBN:
978-1-4503-4571-2
Published:
28 October 2016
Sponsors:
Recommend ACM DL
ALREADY A SUBSCRIBER?SIGN IN
Next Conference
October 13 - 17, 2025
Taipei , Taiwan
Reflects downloads up to 16 Feb 2025Bibliometrics
Skip Abstract Section
Abstract

It is our great pleasure to welcome you to the 8th ACM CCS International Workshop on Managing Insider Security Threats -- MIST'16.

Since 2009, the MIST workshop, which aims to showcase novel proactive approaches to prevent, detect, and respond to insider threats and information leakages, has been held as follows.

  • 1st MIST (in conjunction with IFIPTM 2009): June 16, 2009, West Lafayette, USA

  • 2nd MIST (in conjunction with IFIPTM 2010): June 15, 2010, Morioka, Iwate, Japan

  • 3rd MIST (in conjunction with InCos 2011): December 1-2, 2011, Fukuoka, Japan

  • 4th MIST: November 8-9, 2012, Kyushu University, Fukuoka, Japan

  • 5th MIST: October 24-25, 2013, Pukyong National University, Busan, Rep. of Korea

  • 6th MIST: November 21-22, 2014, Konkuk University, Seoul, Rep. of Korea

  • 7th MIST (in conjunction with ACM CCS 2015): October 16, 2015, The Denver Marriot City Center, Denver, Colorado, USA

This year, MIST'16 continues to play its important role of the leading forum for bringing together researchers from academia and industry as well as practitioners to discuss the latest research challenges and advances in managing insider security threats. This year, we accepted 8 high qualified papers among a total of 22 submissions (with an acceptance rate of 36.4%) after a rigorous peer-review process where each submission is reviewed by at least three technical program committee members. In addition, 7 short papers were selected for short oral and poster presentation at MIST'16. We expect that MIST'16 will promote further related research and technology enhancements in this significant security area.

Skip Table Of Content Section
SESSION: Session 1: Access Control & Application Security
research-article
A Grey-Box Approach for Detecting Malicious User Interactions in Web Applications

Web applications are the core enabler for most Internet services today. Their standard interfaces allow them to be composed together in different ways in order to support different service workflows. While the modular composition of applications has ...

research-article
Restricting Insider Access Through Efficient Implementation of Multi-Policy Access Control Systems

The American National Standards Institute (ANSI) has standardized an access control approach, Next Generation Access Control (NGAC), that enables simultaneous instantiation of multiple access control policies. For large complex enterprises this is ...

research-article
Towards Formal Analysis of Insider Threats for Auctions

This paper brings together the world of insider threats and auctions. For online-auction systems, like eBay, but also for high-value one-off auction algorithms as they are used for selling radio wave frequencies, the use of rigorous machine supported ...

SESSION: Session 2: Best Paper Session
research-article
Public Access
Studying Naive Users and the Insider Threat with SimpleFlow

Most access control systems prohibit illicit actions at the moment they seem to violate a security policy. While effective, such early action often clouds insight into the intentions behind negligent or willful security policy violations. Furthermore, ...

research-article
A New Take on Detecting Insider Threats: Exploring the Use of Hidden Markov Models

The threat that malicious insiders pose towards organisations is a significant problem. In this paper, we investigate the task of detecting such insiders through a novel method of modelling a user's normal behaviour in order to detect anomalies in that ...

SESSION: Session 3: Cyber Attacks & Network Security
research-article
Cyber Deception: Virtual Networks to Defend Insider Reconnaissance

Advanced targeted cyber attacks often rely on reconnaissance missions to gather information about potential targets and their location in a networked environment to identify vulnerabilities which can be exploited for further attack maneuvers. Advanced ...

research-article
Pragmatic Security: Modelling IT Security Management Responsibilities for SME Archetypes

Here we model the indirect costs of deploying security controls in small-to-medium enterprises (SMEs) to manage cyber threats. SMEs may not have the in-house skills and collective capacity to operate controls efficiently, resulting in inadvertent data ...

research-article
Ports Distribution Management for Privacy Protection inside Local Domain Name System

Domain Name System (DNS) had been recognized as an indispensable and fundamental infrastructure of current Internet. However, due to the original design philosophy and easy access principle, one can conveniently wiretap the DNS requests and responses. ...

SESSION: Session 4: Short Papers Session
short-paper
Function-Based Access Control (FBAC): From Access Control Matrix to Access Control Tensor

The misuse of legitimate access to data is a serious information security concern for both organizations and individuals. From a security engineering viewpoint, this might be due to the failure of access control. Inspired by Functional Encryption, we ...

short-paper
WatchIT: Who Watches Your IT Guy?

System administrators have unlimited access to system resources. As the Snowden case shows, these permissions can be exploited to steal valuable personal, classified, or commercial data. In this work we propose a strategy that increases the ...

short-paper
A New Risk Assessment Framework Using Graph Theory for Complex ICT Systems

In this paper, we propose a new risk analysis framework that enables to supervise risks in complex and distributed systems. Our contribution is twofold. First, we provide the Risk Assessment Graphs (RAGs) as a model of risk analysis. This graph-based ...

short-paper
Online and Offline Security Policy Assessment

Network architectures and applications are becoming increasingly complex. Several approaches to automatically enforce configurations on devices, applications and services have been proposed, such as Policy-Based Network Management (PBNM). However, the ...

short-paper
A Tripwire Grammar for Insider Threat Detection

The threat from insiders is an ever-growing concern for organisations, and in recent years the harm that insiders pose has been widely demonstrated. This paper describes our recent work into how we might support insider threat detection when actions are ...

short-paper
Discovering Insider Threats from Log Data with High-Performance Bioinformatics Tools

Since the number of cyber attacks by insider threats and the damage caused by them has been increasing over the last years, organizations are in need for specific security solutions to counter these threats. To limit the damage caused by insider threats,...

short-paper
Analysis on Manipulation of the MAC Address and Consequent Security Threats

In this paper, we analyze manipulation methods of the MAC address and consequent security threats. The Ethernet MAC address is known to be unchanged, and so is highly considered as platform-unique information. For this reason, various services are ...

Contributors
  • Purdue University
Index terms have been assigned to the content through auto-classification.

Recommendations

Acceptance Rates

MIST '16 Paper Acceptance Rate 8 of 22 submissions, 36%;
Overall Acceptance Rate 21 of 54 submissions, 39%
YearSubmittedAcceptedRate
MIST '1718739%
MIST '1622836%
MIST '1514643%
Overall542139%