An Ontological Approach to the Document Access Problem of Insider Threat
نویسندگان
چکیده
Verification of legitimate access of documents, which is one aspect of the umbrella of problems in the Insider Threat category, is a challenging problem. This paper describes the research and prototyping of a system that takes an ontological approach, and is primarily targeted for use by the intelligence community. Our approach utilizes the notion of semantic associations and their discovery among a collection of heterogeneous documents. We highlight our contributions in (graphically) capturing the scope of the investigation assignment of an intelligence analyst by referring to classes and relationships of an ontology; in computing a measure of the relevance of documents accessed by an analyst with respect to his/her assignment; and by describing the components of our system that have provided early yet promising results, and which will be further evaluated more extensively based on domain experts and sponsor inputs.
منابع مشابه
An Authorization Framework for Database Systems
Today, data plays an essential role in all levels of human life, from personal cell phones to medical, educational, military and government agencies. In such circumstances, the rate of cyber-attacks is also increasing. According to official reports, data breaches exposed 4.1 billion records in the first half of 2019. An information system consists of several components, which one of the most im...
متن کاملDetecting and Countering Insider Threats: Can Policy-Based Access Control Help?
As insider threats pose very significant security risks to IT systems, we ask what policy-based approaches to access control can do for the detection, mitigation or countering of insider threats and insider attacks. Answering this question is difficult since little public data about insider-threat cases is available, since there is not much consensus about what the insider problem actually is, ...
متن کاملThe Cyber Enemy Within ... Countering the Threat from Malicious Insiders
One of the most critical problems facing the information security community is the threat of a malicious insider abusing his computer privileges to modify, remove, or prevent access to an organization’s data. An insider is considered trusted (at least implicitly) by his organization because he is granted access to its computing environment. Whether or not that insider is in fact trustworthy is ...
متن کاملAn ontological hybrid recommender system for dealing with cold start problem
Recommender Systems ( ) are expected to suggest the accurate goods to the consumers. Cold start is the most important challenge for RSs. Recent hybrid s combine and . We introduce an ontological hybrid RS where the ontology has been employed in its part while improving the ontology structure by its part. In this paper, a new hybrid approach is proposed based on the combination of demog...
متن کاملیک سامانه مدیریت دسترسی برای کاهش تهدیدهای عملیاتی در سامانه اسکادا
One of the most dangerous insider threats in a supervisory control and data acquisition (SCADA) system is the operational threat. An operational threat occurs when an authorized operator misuses the permissions, and brings catastrophic damages by sending legitimate control commands. Providing too many permissions may backfire, when an operator wrongly or deliberately abuses the privileges. Ther...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005