Advanced Risk Measurement Approach to Insider Threats in Cyberspace

被引:0
|
作者
Cho, Inhyun [1 ]
Lee, Kyungho [1 ]
机构
[1] Korea Univ, CIST, Seoul 136713, South Korea
来源
INTELLIGENT AUTOMATION AND SOFT COMPUTING | 2016年 / 22卷 / 03期
关键词
Insider threat; risk measurement; data leakage; banking Sector; cyberspace;
D O I
10.1080/10798587.2015.1121617
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Inside jobs have been a source of critical threats in cyberspace. To manage such insider threats, a proper measurement approach is required for effective risk-based decision-making. The measurement approach should include insider-related information (e.g. the significance of jobs, the position level, the required authority for data, and the type of employment) in order to better measure and analyze insider risks. In this paper, we suggest an approach that takes into account the insider-related information in calculating data leakage risk of insiders in the banking sector. We implement this approach by utilizing real-world data to calculate insider risks. We present an effective risk measurement approach, which we believe can enhance decision-making process for risk management for insider threats.
引用
收藏
页码:405 / 413
页数:9
相关论文
共 50 条
  • [21] Modelling of Enterprise Insider Threats
    Roy, Puloma
    Mazumdar, Chandan
    2015 INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS SECURITY AND PRIVACY (ICISSP), 2015, : 132 - 136
  • [22] Identifying and Mitigating Insider Threats
    Probst, Christian W.
    IT-INFORMATION TECHNOLOGY, 2011, 53 (04): : 202 - 206
  • [23] Towards a social network approach for monitoring insider threats to information security
    Natarajan, A
    Hossain, L
    INTELLIGENCE AND SECURITY INFORMATICS, PROCEEDINGS, 2004, 3073 : 501 - 507
  • [24] An adaptive risk management and access control framework to mitigate insider threats
    Baracaldo, Nathalie
    Joshi, James
    COMPUTERS & SECURITY, 2013, 39 : 237 - 254
  • [25] Insider Threats in Information Security
    Elmrabit, Ncbrase
    Yang, Shuang-Hua
    Yang, Lili
    2015 21ST INTERNATIONAL CONFERENCE ON AUTOMATION AND COMPUTING (ICAC), 2015, : 108 - 113
  • [26] Tracking the Insider Attacker: A Blockchain Traceability System for Insider Threats
    Hu, Teng
    Xin, Bangzhou
    Liu, Xiaolei
    Chen, Ting
    Ding, Kangyi
    Zhang, Xiaosong
    SENSORS, 2020, 20 (18) : 1 - 18
  • [27] Technologies in CyberSpace: A Context of Threats and Defenses
    Kessler, Gary C.
    IDENTIFICATION OF POTENTIAL TERRORISTS AND ADVERSARY PLANNING: EMERGING TECHNOLOGIES AND NEW COUNTER-TERROR STRATEGIES, 2017, 132 : 60 - 74
  • [28] A risk-based framework to inform prioritisation of security investment for insider threats
    Sektas-Bilusich D.
    Nunes-Vaz R.A.
    Chim L.
    Lord S.
    International Journal of Safety and Security Engineering, 2020, 10 (01): : 49 - 57
  • [29] Including insider threats into risk management through Bayesian threat graph networks
    d'Ambrosio, Nicola
    Perrone, Gaetano
    Romano, Simon Pietro
    COMPUTERS & SECURITY, 2023, 133
  • [30] BTDetect: An Insider Threats Detection Approach Based on Behavior Traceability for IaaS Environments
    Lin, Li
    Li, Shuang
    Lv, Xuhui
    Li, Bo
    19TH IEEE INTERNATIONAL SYMPOSIUM ON PARALLEL AND DISTRIBUTED PROCESSING WITH APPLICATIONS (ISPA/BDCLOUD/SOCIALCOM/SUSTAINCOM 2021), 2021, : 344 - 351
12345