Modeling of Insider Threat using Enterprise Automaton

被引:0
作者
Roy, Puloma [1 ]
Mazumdar, Chandan [1 ]
机构
[1] Jadavpur Univ, Ctr Distributed Comp, Kolkata, India
来源
PROCEEDINGS OF 2018 FIFTH INTERNATIONAL CONFERENCE ON EMERGING APPLICATIONS OF INFORMATION TECHNOLOGY (EAIT) | 2018年
关键词
Enterprise process; Insider; Insider Threat; Insider Attacker;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Substantial portions of attacks on the security of enterprises are perpetrated by Insiders having authorized privileges. Thus insider threat and attack detection is an important aspect of Security management. In the published literature, efforts are on to model the insider threats based on the behavioral traits of employees. The psycho-social behaviors are hard to encode in the software systems. Also, in some cases, there are privacy issues involved. In this paper, the human and non-human agents in a system are described in a novel unified model. The enterprise is described as an automaton and its states are classified secure, safe, unsafe and compromised. The insider agents and threats are modeled on the basis of the automaton and the model is validated using a case study.
引用
收藏
页数:4
相关论文
共 50 条
  • [1] Toward an Ontology for Insider Threat Research: Varieties of Insider Threat Definitions
    Mundie, David A.
    Perl, Sam
    Huth, Carly L.
    2013 THIRD WORKSHOP ON SOCIO-TECHNICAL ASPECTS IN SECURITY AND TRUST (STAST 2013), 2013, : 26 - 36
  • [2] Enterprise Level Security: Insider Threat Counter-Claims
    Simpson, William R.
    Foltz, Kevin E.
    WORLD CONGRESS ON ENGINEERING AND COMPUTER SCIENCE, WCECS 2017, VOL I, 2017, : 112 - 117
  • [3] Probabilistic Modeling of Insider Threat Detection Systems
    Ruttenberg, Brian
    Blumstein, Dave
    Druce, Jeff
    Howard, Michael
    Reed, Fred
    Wilfong, Leslie
    Lister, Crystal
    Gaskin, Steve
    Foley, Meaghan
    Scofield, Dan
    GRAPHICAL MODELS FOR SECURITY, 2018, 10744 : 91 - 98
  • [4] Modeling Insider Threat Types in Cyber Organizations
    Santos, Eunice E.
    Santos, Eugene, Jr.
    Korah, John
    Thompson, Jeremy E.
    Murugappan, Vairavan
    Subramanian, Suresh
    Zhao, Yan
    2017 IEEE INTERNATIONAL SYMPOSIUM ON TECHNOLOGIES FOR HOMELAND SECURITY (HST), 2017,
  • [5] A study of insider threat in nuclear security analysis using game theoretic modeling
    Kim, Kyo-Nam
    Yim, Man-Sung
    Schneider, Erich
    ANNALS OF NUCLEAR ENERGY, 2017, 108 : 301 - 309
  • [6] Reflecting on the Ability of Enterprise Security Policy to Address Accidental Insider Threat
    Buckley, Oliver
    Nurse, Jason R. C.
    Legg, Philip A.
    Goldsmith, Michael
    Creese, Sadie
    2014 4TH WORKSHOP ON SOCIO-TECHNICAL ASPECTS IN SECURITY AND TRUST (STAST 2014), 2014, : 8 - 15
  • [7] Survival analysis for insider threat Detecting insider threat incidents using survival analysis techniques
    Alhajjar, Elie
    Bradley, Taylor
    COMPUTATIONAL AND MATHEMATICAL ORGANIZATION THEORY, 2022, 28 (04) : 335 - 351
  • [8] Introduction to the special issue on insider threat modeling and simulation
    Moore, Andrew P.
    Kennedy, Kirk A.
    Dover, Thomas J.
    COMPUTATIONAL AND MATHEMATICAL ORGANIZATION THEORY, 2016, 22 (03) : 261 - 272
  • [9] Creating a Digital Twin of an Insider Threat Detection Enterprise Using Model-Based Systems Engineering
    Lee, James
    Alghamdi, Ahmad
    Zaidi, Abbas K.
    SYSCON 2022: THE 16TH ANNUAL IEEE INTERNATIONAL SYSTEMS CONFERENCE (SYSCON), 2022,
  • [10] An agent-based approach to modeling insider threat
    Sokolowski, John A.
    Banks, Catherine M.
    Dover, Thomas J.
    COMPUTATIONAL AND MATHEMATICAL ORGANIZATION THEORY, 2016, 22 (03) : 273 - 287
12345