Integrating Cyber Deception Into Attribute-Based Access Control (ABAC) for Insider Threat Detection
Authors
Abstract
Insider threat is an ever-present challenge to corporate security. The availability of knowledge and privileges to insiders makes it extremely difficult to prevent, detect or deter malicious insider activities. In the literature, several studies have proposed deception-based approaches to mitigate threats through different layers of systems. However, the integration of access control and cyber deception methods has not been adequately discussed. In this paper, we integrate Attribute-based Access Control (ABAC) with honey-based techniques to effectively track insiders, particularly in the context of a dynamic work environment. To the best of our knowledge, this is the first study to design, implement and evaluate this integration. Our evaluation results show that the framework reliably identifies sensitive attributes in the system and generates indistinguishable honey values to protect them, with an average similarity score of 0.90 to the truth.
Similar resources
Strategies for Incorporating Delegation into Attribute-Based Access Control (ABAC)
Attribute-Based Access Control (ABAC) is an emerging model of access control that has gained significant interest in both recent academic literature and industry application. However, to date there have been almost no attempts to incorporate the concept of dynamic delegation into ABAC. This work lays out a number of possible strategies for incorporating delegation into existing ABAC models and ...
Mitigating malicious insider cyber threat
This paper examines malicious insider threat and explains the key differences from other types of insider threat and from external threat actors. A phase based “kill-chain” malicious insider threat model is developed and proposed to help inform selection of mitigation countermeasures which are complementary or incremental to a typically implemented traditional ISO 17799/27002 information securi...
Insider Threat Likelihood Assessment for Access Control Systems: Quantitative Approach
Organizations need to use flexible access control mechanisms where the access decisions to critical information assets are taken dynamically. In this paper, we present a framework for insider threat likelihood assessment within the context of access control systems. Our approach takes into account information flows, the trustworthiness of subjects, the sensitivity of objects and the security co...
Preventative Directions For Insider Threat Mitigation Via Access Control
Much research on mitigating threat posed by insiders focuses on detection. In this chapter, we consider the prevention of attacks using access control. While recent work and development in this space are promising, our studies of technologists in financial, health care, and other enterprise environments reveal a disconnect between what “real world” practitioners desire and what the research and ...
Secure Cyber Deception Architecture and Decoy Injection to Mitigate the Insider Threat
We propose a novel dynamic host mutation (DHM) architecture based on moving target defense (MTD) that can actively cope with cyberattacks. The goal of the DHM is to break the cyber kill chain, expand the attack surface to increase the attacker’s target analysis cost, and disrupt the attacker’s fingerprinting to disable the server trace. We define the participating entities that share the MTD po...
Journal
Journal title: IEEE Access
Year: 2022
ISSN: 2169-3536
DOI: https://doi.org/10.1109/access.2022.3213645