Enhanced insider threat detection model that increases data availability

Authors:
Qussai Yaseen;Brajendra Panda
Affiliations:
Computer Science and Computer Engineering Department, University of Arkansas, Fayetteville, AR;Computer Science and Computer Engineering Department, University of Arkansas, Fayetteville, AR
Venue:
ICDCIT'11 Proceedings of the 7th international conference on Distributed computing and internet technology
Year:
2011

Citing 12
Cited 0

Security and inference in multilevel database and knowledge-base systems

SIGMOD '87 Proceedings of the 1987 ACM SIGMOD international conference on Management of data
Secure Databases: Constraints, Inference Channels, and Monitoring Disclosures

IEEE Transactions on Knowledge and Data Engineering
The inference problem: a survey

ACM SIGKDD Explorations Newsletter
Data Level Inference Detection in Database Systems

CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
The inference problem and updates in relational databases

Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Honeypots: Catching the Insider Threat

ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Transaction fusion: a model for data recovery from information attacks

Journal of Intelligent Information Systems - Special issue: Database and applications security
Defining the insider threat

Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead
Knowledge Acquisition and Insider Threat Prediction in Relational Database Systems

CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Malicious Modification Attacks by Insiders in Relational Databases: Prediction and Prevention

SOCIALCOM '10 Proceedings of the 2010 IEEE Second International Conference on Social Computing
Organizing Access Privileges: Maximizing the Availability and Mitigating the Threat of Insiders' Knowledgebase

NSS '10 Proceedings of the 2010 Fourth International Conference on Network and System Security
Predicting and preventing insider threat in relational database systems

WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper demonstrates how to prevent or mitigate insider threats in relational databases. It shows how different order of accesses to the same data items may pose different levels of threat. Moreover, it states the conditions that are required to regard a data item as expired. In addition, it introduces the two different methods of executing insiders' tasks, and how to prevent insider threat in those. The models presented in this paper organize accesses to data items in a particular sequence so that the availability of data items is maximized and the expected threat is minimized to the lowest level. Furthermore, it determines when to give an insider an incorrect but acceptable value of a risky data item in order to prevent a possible threat.