Insider Threat Defined: Discovering the Prototypical Case

Authors

  • David A. Mundie
  • Samuel J. Perl
  • Carly Huth J. D.
Abstract

In a continued effort to better define the field of insider threat research, this study presents a survey of 30 cybersecurity experts’ opinions on the attributes of a prototypical insider and insider threat case. The survey is based on the attributes in the Entity-Relationship Model developed in a previous study of 42 different definitions of insider and insider threat. To develop clearer consensus and uniformity in the field, we discuss the attributes, which, in this small exploratory study, experts saw as typical or atypical components of an insider threat case.

Related resources

Insider Threat Detection Using a Graph-Based Approach

The authors present the use of graph-based approaches to discovering anomalous instances of structural patterns in data that represent insider threat activity. The approaches presented search for activities that appear to match normal transactions, but in fact are structurally different. The authors show the usefulness of applying graph theoretic approaches to discovering suspicious insider act...

Reflections on the Insider Threat

This paper reports on a workshop in June 2007 on the topic of the insider threat. Attendees represented academia and research institutions, consulting firms, industry—especially the financial services sector, and government. Most participants were from the United States. Conventional wisdom asserts that insiders account for roughly a third of the computer security loss. Unfortunately, there is ...

Deep Learning for Unsupervised Insider Threat Detection in Structured Cybersecurity Data Streams

Analysis of an organization’s computer network activity is a key component of early detection and mitigation of insider threat, a growing concern for many organizations. Raw system logs are a prototypical example of streaming data that can quickly scale beyond the cognitive power of a human analyst. As a prospective filter for the human analyst, we present an online unsupervised deep learning a...

Insider Attack and Cyber Security Beyond the Hacker Advances in Information Security

This paper reports on a workshop in June 2007 on the topic of the insider threat. Attendees represented academia and research institutions, consulting firms, industry—especially the financial services sector, and government. Most participants were from the United States. Conventional wisdom asserts that insiders account for roughly a third of the computer security loss. Unfortunately, there is ...

The Insider Threat Prediction and Specification Language

Various information security surveys and case studies indicate the importance and manifestation of the insider threat problem. One of the most important tools to address insider threats is to enable the researchers to build case studies and express/replay threat scenarios. The Insider Threat Prediction and Specification Language (ITPSL) is a Domain Specific Language (DSL) created to provide a s...

Journal title:
  • JoWUA

Volume 5  Issue 

Pages  -

Publication date 2014