Insider Threat Analysis of Case Based System Dynamics
نویسندگان
چکیده
One of the most dangerous security threats today is insider threat, and it is such a much more complex issue. But till now, there is no equivalent to a vulnerability scanner for insider threat. We survey and discuss the history of research on insider threat analysis to know system dynamics is the best method to mitigate insider threat from people, process, and technology. In the paper, we present a famous case of insider threats in Taiwan using system dynamics to analyze the tailored model. We may reduce the risk and increase the probability of detecting insider threats from personnel of simulation model. The study concludes with suggestions for future research and implications for system dynamics who are interested in insider threat issue.
منابع مشابه
System Dynamics Based Insider Threats Modeling
Insider threat has been recognized as one of the most dangerous security threats and become a much more complex issue. Insider threat is resulted from the legitimate users abusing their privileges and cause tremendous damage or losses. Not always being friends, insiders can be main threats to the organization. Currently, there is no equivalent prevention solution for insider threat to an intrut...
متن کاملManagement and Education of the Risk of Insider Threat (MERIT): System Dynamics Modeling of Computer System Sabotage
The Insider Threat Study, conducted by the U.S. Secret Service and Carnegie Mellon University’s Software Engineering Institute CERT Program, analyzed insider cyber crimes across U.S. critical infrastructure sectors. The study indicates that management decisions related to organizational and employee performance sometimes yield unintended consequences magnifying risk of insider attack. Lack of t...
متن کاملInsider Threat Defined: Discovering the Prototypical Case
In a continued effort to better define the field of insider threat research, this study presents a survey of 30 cybersecurity experts’ opinions on the attributes of a prototypical insider and insider threat case. The survey is based on the attributes in the Entity-Relationship Model developed in a previous study of 42 different definitions of insider and insider threat. To develop clearer conse...
متن کاملMitigating malicious insider cyber threat
This paper examines malicious insider threat and explains the key differences from other types of insider threat and from external threat actors. A phase based “kill-chain” malicious insider threat model is developed and proposed to help inform selection of mitigation countermeasures which are complementary or incremental to a typically implemented traditional ISO 17799/27002 information securi...
متن کاملFormal Specification of Common Criteria Based Access Control Policy Model
One of the major threats that an enterprise Information system networks are facing today is the Insider threat. As part of the Insider Threat study, lack of an effective access control mechanism is identified as one of the major causes that facilitated IT sabotage. In this paper we propose a network access control meta model as per ISO/IEC security evaluation criteria Common Criteria to provide...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011