Modeling of Insider Threat using Enterprise Automaton

被引:0
|
作者
Roy, Puloma [1 ]
Mazumdar, Chandan [1 ]
机构
[1] Jadavpur Univ, Ctr Distributed Comp, Kolkata, India
来源
PROCEEDINGS OF 2018 FIFTH INTERNATIONAL CONFERENCE ON EMERGING APPLICATIONS OF INFORMATION TECHNOLOGY (EAIT) | 2018年
关键词
Enterprise process; Insider; Insider Threat; Insider Attacker;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Substantial portions of attacks on the security of enterprises are perpetrated by Insiders having authorized privileges. Thus insider threat and attack detection is an important aspect of Security management. In the published literature, efforts are on to model the insider threats based on the behavioral traits of employees. The psycho-social behaviors are hard to encode in the software systems. Also, in some cases, there are privacy issues involved. In this paper, the human and non-human agents in a system are described in a novel unified model. The enterprise is described as an automaton and its states are classified secure, safe, unsafe and compromised. The insider agents and threats are modeled on the basis of the automaton and the model is validated using a case study.
引用
收藏
页数:4
相关论文
共 50 条
  • [21] An agent-based approach to modeling insider threat
    John A. Sokolowski
    Catherine M. Banks
    Thomas J. Dover
    Computational and Mathematical Organization Theory, 2016, 22 : 273 - 287
  • [22] Modeling Expert Judgments of Insider Threat Using Ontology Structure: Effects of Individual Indicator Threat Value and Class Membership
    Greitzer, Frank L.
    Purl, Justin
    Becker, D. E.
    Sticha, Paul J.
    Leong, Yung Mei
    PROCEEDINGS OF THE 52ND ANNUAL HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES, 2019, : 3202 - 3211
  • [23] A method for insider threat assessment by modeling the internal employee interactions
    Sepehrzadeh, Hamed
    INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2023, 22 (05) : 1385 - 1393
  • [24] Temporal Semantic Parsing for Insider Threat Activity Modeling and Detection
    AlSlaiman, Muhanned
    Wang, Christopher
    Salman, Mohammed
    Asiri, Ahmad
    IEEE NATIONAL AEROSPACE AND ELECTRONICS CONFERENCE, NAECON 2024, 2024, : 44 - 49
  • [25] A method for insider threat assessment by modeling the internal employee interactions
    Hamed Sepehrzadeh
    International Journal of Information Security, 2023, 22 : 1385 - 1393
  • [26] Toward an Ontology for Insider Threat Research: Varieties of Insider Threat Definitions
    Mundie, David A.
    Perl, Sam
    Huth, Carly L.
    2013 THIRD WORKSHOP ON SOCIO-TECHNICAL ASPECTS IN SECURITY AND TRUST (STAST 2013), 2013, : 26 - 36
  • [27] A Vector Relational Data Modeling approach to Insider Threat intelligence
    Kelly, Ryan F.
    Anderson, Thomas S.
    GROUND/AIR MULTISENSOR INTEROPERABILITY, INTEGRATION, AND NETWORKING FOR PERSISTENT ISR VII, 2016, 9831
  • [28] The insider threat ‘zoo’
    Renaud K.
    Warkentin M.
    Computer Fraud and Security, 2024, 2024 (05):
  • [29] Danger of the insider threat
    Infosecurity, 2007, 2 (05)
  • [30] Addressing the insider threat
    Application Security Inc
    Netw. Secur., 2008, 3 (11-14):
12345