Frontiers in Insider Threats and Data Leakage Prevention

Organizations continue to be plagued by information leaks caused by insiders with legitimate access to critical or proprietary information. Such unauthorized leaks may result in significant damage to competitiveness, reputation and finances, and organizations should consider proactive approaches to preventing, detecting, and responding to this threat. In this special issue, we have selected eight papers describing recent work on insider threat and data leakage prevention. These include four papers [1][2][3][4] derived from the third International Workshop on Managing Insider Security Threats (MIST 2011)1 in conjunction with the third IEEE International Conference on Intelligent Networking and Collaborative Systems (IEEE INCoS 2011). In the first paper, titled “From Insider Threats to Business Processes that are Secure-by-Design” [1], the author suggests that insider threat is a placeholder term indicating the transition from securing IT infrastructures to securing the socio-technical systems. While observing that the concept of an insider is not helpful in today’s dynamic heterogeneous organizations, he adopts “business processes that are secure-by-design (sustainable business processes)” as a new paradigm where those processes remain viable even when attacks are launched with insider knowledge. Finally, the author presents two research challenges for the sustainable business processes, modelling socio-technical systems and exploring the foundations of judgement-based risk analysis methods. The second paper, titled “Combining Baiting and User Search Profiling Techniques for Masquerade Detection” proposes an integrated masquerade detection to combine user behavior profiling with a baiting technique [5]. The proposed approach reduces false positives when compared to user behavior profiling alone. In addition, it is shown that this approach can harden a masquerade attack detector against mimicry attacks. In the third paper, titled “A Certificateless Ordered Sequential Aggregate Signature Scheme Secure against Super Adversaries” [2], the authors propose an ordered sequential aggregate signature in certificateless setting. Further, they discuss its security against super adversaries who can obtain signature of a target signer but without providing a secret value for a challenger. The fourth paper titled “Security Analysis of Offline E-cash Systems with Malicious Insider” analyses security of offline anonymous electronic cash systems. This includes recent systems based on the