Information Assurance: Dependability and Security in Networked Systems
Information Assurance: Dependability and Security in Networked Systems
Multi-step attack modelling and simulation (MsAMS) framework based on mobile ambients
Proceedings of the 2009 ACM symposium on Applied Computing
We have met the enemy and he is us
Proceedings of the 2008 workshop on New security paradigms
SMEs and Cybersecurity Threats in E-Commerce
The EDP Audit, Control, and Security Newsletter
Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts
Computer Communications
Physically restricted authentication with trusted hardware
Proceedings of the 2009 ACM workshop on Scalable trusted computing
Towards Modelling Information Security with Key-Challenge Petri Nets
NordSec '09 Proceedings of the 14th Nordic Conference on Secure IT Systems: Identity and Privacy in the Internet Age
Developing insider attack detection model: a grounded approach
ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
A reinforcement model for collaborative security and Its formal analysis
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Insiders behaving badly: addressing bad actors and their actions
IEEE Transactions on Information Forensics and Security
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
Maintaining defender's reputation in anomaly detection against insider attacks
IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics - Special issue on game theory
Developing an insider threat model using functional decomposition
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Mitigation of malicious modifications by insiders in databases
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Employing Dynamic Models to Enhance Corporate IT Security Policy
International Journal of Agent Technologies and Systems
A methodology and supporting techniques for the quantitative assessment of insider threats
Proceedings of the 2nd International Workshop on Dependability Issues in Cloud Computing
Hi-index | 0.00 |
Insider attacks are a well-known problem acknowledged as a threat as early as 1980s. The threat is attributed to legitimate users who abuse their privileges, and given their familiarity and proximity to the computational environment, can easily cause significant damage or losses. Due to the lack of tools and techniques, security analysts do not correctly perceive the threat, and hence consider the attacks as unpreventable. In this paper, we present a theory of insider threat assessment. First, we describe a modeling methodology which captures several aspects of insider threat, and subsequently, show threat assessment methodologies to reveal possible attack strategies of an insider.