Insider Threat Mitigation Using Moving Target Defense and Deception

被引:4
作者
Takabi, Hassan [1 ]
Jafarian, J. Haadi [2 ]
机构
[1] Univ North Texas, Dept Comp Sci & Engn, Denton, TX 76203 USA
[2] Univ Colorado, Dept Comp Sci & Engn, Denver, CO USA
来源
PROCEEDINGS OF THE 2017 INTERNATIONAL WORKSHOP ON MANAGING INSIDER SECURITY THREATS (MIST'17) | 2017年
关键词
Insider Threat; Moving Target Defense; Deception; Attribute-based Access Control;
D O I
10.1145/3139923.3139935
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The insider threat has been subject of extensive study and many approaches from technical perspective to behavioral perspective and psychological perspective have been proposed to detect or mitigate it. However, it still remains one of the most difficult security issues to combat. In this paper, we propose an ongoing effort on developing a systematic framework to address insider threat challenges by laying a scientific foundation for defensive deception, leveraging moving target defense (MTD), an emerging technique for providing proactive security measurements, and integrating deception and MTD into attribute-based access control (ABAC).
引用
收藏
页码:93 / 96
页数:4
相关论文
共 19 条
[1]  
AlgoSec, 2014, ALG SURV STAT NETW S
[2]  
[Anonymous], 2015, J INTERNET SERVICES
[3]  
Ben Salem M, 2009, TECHNICAL REPORT CUC
[4]  
Bjorner N, 2009, 6 INT WORKSH CONSTR
[5]   Satisfiability Modulo Theories: An Appetizer [J].
de Moura, Leonardo ;
Bjorner, Nikolaj .
FORMAL METHODS: FOUNDATIONS AND APPLICATIONS, 2009, 5902 :23-36
[6]  
Ghourabi Abdallah, 2009, 2009 Fourth International Conference on Risks and Security of Internet and Systems (CRiSIS 2009), P127, DOI 10.1109/CRISIS.2009.5411968
[7]  
Greitzer F. L., 2012, 2012 45th Hawaii International Conference on System Sciences (HICSS), P2392, DOI 10.1109/HICSS.2012.309
[8]  
Greitzer FL, 2010, ADV INFORM SECUR, V49, P85, DOI 10.1007/978-1-4419-7133-3_5
[9]  
Hu Vincent, 2014, GUIDE ATTRIBUTE BASE
[10]  
Hunker J., 2008, Journal of Wireless Mobile Networks, V2, P4
12