CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
An analysis of security incidents on the Internet 1989-1995
An analysis of security incidents on the Internet 1989-1995
A multi-layered security architecture for modelling complex systems
Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead
Improving software security using search-based refactoring
SSBSE'12 Proceedings of the 4th international conference on Search Based Software Engineering
Hi-index | 0.00 |
The insider threat poses a significant and increasing problem for organizations. This is shown by the regular stories of fraud and data loss reported daily in the media in the US and elsewhere. There is a need to provide systematic protection from insider attacks because of their privileged access. We have developed a three-layer security architecture containing the physical, logical and social levels that we use to analyze the insider threat holistically to prevent, detect and recover from attacks. We examine destructive insider attacks, but the same analysis can be straightforwardly applied to the other main classes of insider threat from financial fraud and information theft. Our practical security model appears to have widespread application to other problem domains such as critical infrastructure and financial systems, as it allows the analysis of systems in their entirety including human and physical factors, not just as technical systems.