Deriving Candidate Technical Controls and Indicators of Insider Attack from Socio-Technical Models and Data
نویسنده
چکیده
ix
منابع مشابه
Addressing Insider Threats and Information Leakage
Insider threats are one of the problems of organizational security that are most difficult to handle. It is often unclear whether or not an actor is an insider, or what we actually mean by “insider”. It also is often impossible to determine whether an insider action is permissible, or whether it constitutes an insider attack. From a technical standpoint, the biggest concern is the discriminatio...
متن کاملHow to Generate Security Cameras: Towards Defence Generation for Socio-Technical Systems
Recently security researchers have started to look into automated generation of attack trees from socio-technical system models. The obvious next step in this trend of automated risk analysis is automating the selection of security controls to treat the detected threats. However, the existing socio-technical models are too abstract to represent all security controls recommended by practitioners...
متن کاملFrontiers in Insider Threats and Data Leakage Prevention
Organizations continue to be plagued by information leaks caused by insiders with legitimate access to critical or proprietary information. Such unauthorized leaks may result in significant damage to competitiveness, reputation and finances, and organizations should consider proactive approaches to preventing, detecting, and responding to this threat. In this special issue, we have selected eig...
متن کاملA Method For Characterizing Sociotechnical Events Related to Insider Threat Sabotage
Analyzing historical cases of insider crimes to identify patterns or specific indicators of attack is a challenging task, particularly when using large volumes of free-text input sources, such as court documents and media reports. In this workshop paper, we offer a new process for processing, or coding, free-text descriptions of insider crimes for future analysis; specifically, we study cases o...
متن کاملFormal Modelling and Analysis of Socio-Technical Systems
Attacks on systems and organisations increasingly exploit human actors, for example through social engineering. This non-technical aspect of attacks complicates their formal treatment and automatic identification. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identified through brainstorming of experts. In this work we discuss sev...
متن کامل