Modeling Insider Threat Types in Cyber Organizations

被引:0
作者
Santos, Eunice E. [1 ]
Santos, Eugene, Jr. [2 ]
Korah, John [1 ]
Thompson, Jeremy E. [2 ]
Murugappan, Vairavan [1 ]
Subramanian, Suresh [1 ]
Zhao, Yan [2 ]
机构
[1] IIT, Dept Comp Sci, Chicago, IL 60616 USA
[2] Dartmouth Coll, Thayer Sch Engn, Hanover, NH 03755 USA
来源
2017 IEEE INTERNATIONAL SYMPOSIUM ON TECHNOLOGIES FOR HOMELAND SECURITY (HST) | 2017年
关键词
Bayesian knowledge bases (BKBs); insider threat; computational modeling; behavioral modeling; social modeling; trust; manipulation; cyber security;
D O I
暂无
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
Insider threats can cause immense damage to organizations of different types, including government, corporate, and non-profit organizations. Being an insider, however, does not necessarily equate to being a threat. Effectively identifying valid threats, and assessing the type of threat an insider presents, remain difficult challenges. In this work, we propose a novel breakdown of eight insider threat types, identified by using three insider traits: predictability, susceptibility, and awareness. In addition to presenting this framework for insider threat types, we implement a computational model to demonstrate the viability of our framework with synthetic scenarios devised after reviewing real world insider threat case studies. The results yield useful insights into how further investigation might proceed to reveal how best to gauge predictability, susceptibility, and awareness, and precisely how they relate to the eight insider types.
引用
收藏
页数:7
相关论文
共 50 条
  • [31] Intelligence Analyses and the Insider Threat
    Santos, Eugene, Jr.
    Hien Nguyen
    Yu, Fei
    Kim, Keum Joo
    Li, Deqing
    Wilkinson, John T.
    Olson, Adam
    Russell, Jacob
    Clark, Brittany
    IEEE TRANSACTIONS ON SYSTEMS MAN AND CYBERNETICS PART A-SYSTEMS AND HUMANS, 2012, 42 (02): : 331 - 347
  • [32] Analysis of Evolutionary Algorithm based Optimization for Cyber Threat Modeling
    Wright, Joseph Grady, V
    Sevil, Hakki Erhan
    Francia, Guillermo, III
    Youssef, Tarek
    Ghosh, Tirthankar
    Hall, Gregory
    SOUTHEASTCON 2022, 2022, : 751 - 756
  • [33] Cyber Security Threat Modeling for Supply Chain Organizational Environments
    Yeboah-Ofori, Abel
    Islam, Shareeful
    FUTURE INTERNET, 2019, 11 (03)
  • [34] An Insider Threat Prediction Model
    Kandias, Miltiadis
    Mylonas, Alexios
    Virvilis, Nikos
    Theoharidou, Marianthi
    Gritzalis, Dimitris
    TRUST, PRIVACY AND SECURITY IN DIGITAL BUSINESS, 2010, 6264 : 26 - 37
  • [35] Addressing the Insider Threat Introduction
    Pfleeger, Shari Lawrence
    Stolfo, Salvatore J.
    IEEE SECURITY & PRIVACY, 2009, 7 (06) : 10 - 13
  • [36] Insider Threat Detection in PRODIGAL
    Goldberg, Henry G.
    Young, William T.
    Reardon, Matthew G.
    Phillips, Brian J.
    Senator, Ted E.
    PROCEEDINGS OF THE 50TH ANNUAL HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES, 2017, : 2648 - 2657
  • [37] A Method of Evaluation for Insider Threat
    Wang, Yi-Lu
    Yang, Sang-Chin
    2014 INTERNATIONAL SYMPOSIUM ON COMPUTER, CONSUMER AND CONTROL (IS3C 2014), 2014, : 438 - 441
  • [38] Survival analysis for insider threat Detecting insider threat incidents using survival analysis techniques
    Alhajjar, Elie
    Bradley, Taylor
    COMPUTATIONAL AND MATHEMATICAL ORGANIZATION THEORY, 2022, 28 (04) : 335 - 351
  • [39] A study of insider threat in nuclear security analysis using game theoretic modeling
    Kim, Kyo-Nam
    Yim, Man-Sung
    Schneider, Erich
    ANNALS OF NUCLEAR ENERGY, 2017, 108 : 301 - 309
  • [40] A Multi-Perspective Approach to Insider Threat Detection
    Raissi-Dehkordi, Majid
    Carr, David
    2011 - MILCOM 2011 MILITARY COMMUNICATIONS CONFERENCE, 2011, : 1164 - 1169
12345