Defending Insider Threat
Authors
Abstract
The network threats confronting organizations come not only from outsiders but also from insiders. Insider threat is now widely recognized as an important issue in security management; however, tools and controls for fighting it are still in the research phase. A security architecture for defending against insider threat is presented, composed of four parts: a monitoring platform, a secure authentication platform, an information security platform and a security management system. The first three parts address the problem from a technical viewpoint, and the last from a management point of view. Combining advanced security tools with a good management system is a simple and practicable way to prevent and reduce insider threats.

Keywords: Internal Network; Insider Threat; Architecture; Security Management System
Similar resources
The Insider Threat in Cloud Computing
Cloud computing is an emerging technology paradigm, enabling and facilitating the dynamic and versatile provision of computational resources and services. Even though the advantages offered by cloud computing are several, there still exist second thoughts on the security and privacy of the cloud services. Use of cloud services affects the security posture of organizations and critical infrastru...
Mitigating insider threat in cloud relational databases
Cloud security has become one of the emergent issues because of the immense growth of cloud services. A major concern in cloud security is the insider threat because of the harm that it poses. Therefore, defending cloud systems against insider attacks has become a key demand. This work deals with insider threat in cloud relational database systems. It reveals the flaws in cloud computing that i...
Database Intrusion Detection: Defending Against the Insider Threat
Not only are databases an integral and critical part of many information systems, they are critical information assets to many business enterprises. However, the network and host intrusion detection systems most enterprises use to detect attacks against their information systems cannot detect transaction-level attacks against databases. Transaction-level attacks often come from authorized users...
An Ontology for Insider Threat Indicators: Development and Application
We describe our ongoing development of an insider threat indicator ontology. Our ontology is intended to serve as a standardized expression method for potential indicators of malicious insider activity, as well as a formalization of much of our team’s research on insider threat detection, prevention, and mitigation. This ontology bridges the gap between natural language descriptions of ...
The Insider Threat Prediction and Specification Language
Various information security surveys and case studies indicate the importance and manifestation of the insider threat problem. One of the most important tools to address insider threats is to enable the researchers to build case studies and express/replay threat scenarios. The Insider Threat Prediction and Specification Language (ITPSL) is a Domain Specific Language (DSL) created to provide a s...