ABSTRACT
The risk represented by the legitimate members of organizations with their access to valuable information and services continues to increase with the adoption of information technology-based services. Misuses of such access create costs in terms of losses to businesses, and in some cases human costs.
The spectrum of techniques proposed to address the insider threat is varied, providing methods for detection, prevention and response. However, an insufficiently addressed matter is the role of new models in opening up routes for mitigations. An effective model for the insider threat is one that explicitly represents the critical space within which the violator acts, including the changes in the degree of exclusivity of access to resources.
Access abstraction provides both a new, enabling model for characterizing the insider threat operating environment and an indirect deterrent to the development of the threat.
Index Terms
- An Access Abstraction Model for Mitigating the Insider Threat