Understanding Terror Networks
Security Policies to Mitigate Insider Threat in the Document Control Domain
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Towards a Theory of Insider Threat Assessment
DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
A Framework of Privacy Shield in Organizational Information Systems
ICMB '05 Proceedings of the International Conference on Mobile Business
Toward a threat model for storage systems
Proceedings of the 2005 ACM workshop on Storage security and survivability
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
Position: "insider" is relative
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
Applying role based access control and genetic algorithms to insider threat detection
Proceedings of the 44th annual Southeast regional conference
Incident response: a strategic guide to handling system and network security breaches
Incident response: a strategic guide to handling system and network security breaches
Developing an insider threat model using functional decomposition
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Towards a game theoretic authorisation model
GameSec'10 Proceedings of the First international conference on Decision and game theory for security
Hi-index | 0.00 |
We present a framework for describing insiders and their actions based on the organization, the environment, the system, and the individual. Using several real examples of unwelcome insider action (hard drive removal, stolen intellectual property, tax fraud, and proliferation of e-mail responses), we show how the taxonomy helps in understanding how each situation arose and could have been addressed. The differentiation among types of threats suggests how effective responses to insider threats might be shaped, what choices exist for each type of threat, and the implications of each. Future work will consider appropriate strategies to address each type of insider threat in terms of detection, prevention, mitigation, remediation, and punishment.