Sadie Creese scite author profile

Abstract-The threat that insiders pose to businesses, institutions and governmental organisations continues to be of serious concern. Recent industry surveys and academic literature provide unequivocal evidence to support the significance of this threat and its prevalence. Despite this, however, there is still no unifying framework to fully characterise insider attacks and to facilitate an understanding of the problem, its many components and how they all fit together. In this paper, we focus on this challenge and put forward a grounded framework for understanding and reflecting on the threat that insiders pose. Specifically, we propose a novel conceptualisation that is heavily grounded in insiderthreat case studies, existing literature and relevant psychological theory. The framework identifies several key elements within the problem space, concentrating not only on noteworthy events and indicators -technical and behavioural -of potential attacks, but also on attackers (e.g., the motivation behind malicious threats and the human factors related to unintentional ones), and on the range of attacks being witnessed. The real value of our framework is in its emphasis on bringing together and defining clearly the various aspects of insider threat, all based on realworld cases and pertinent literature. This can therefore act as a platform for general understanding of the threat, and also for reflection, modelling past attacks and looking for useful patterns.

show abstract

Security Risk Assessment in Internet of Things Systems

Nurse¹,

Creese²,

Roure³

2017

IT Prof.

153

114

View full text Add to dashboard Cite

Cybersecurity risk assessment approaches have served us well over the last decade. They have provided a platform through which organisations and governments could better protect themselves against pertinent risks. As the complexity, pervasiveness and automation of technology systems increases however, particularly with the Internet of Things (IoT), there is a strong argument for the need for new approaches to assess risk and build trust. The challenge with simply extending existing assessment methodologies to these systems is that we could be blind to new risks arising in such ecosystems. These risks could be related to the high degrees of connectivity present, or the coupling of digital, cyberphysical and social systems. This article makes the case for new methodologies to assess risk in this context which consider the dynamics and uniqueness of IoT, but also the rigour of best practice in risk assessment. engaged in a broad portfolio of cyber security research spanning identity security, situational awareness, visual analytics, risk propagation and communication, threat modelling and detection, network defence, dependability and resilience, and formal analysis. Contact him at sadie.creese@cs.ox.ac.uk.

show abstract

A taxonomy of cyber-harms: Defining the impacts of cyber-attacks and understanding how they propagate

et al. 2018

View full text Add to dashboard Cite

Automated Insider Threat Detection System Using User and Role-Based Profile Assessment

Legg

Buckley

Goldsmith

et al. 2017

IEEE Systems Journal

107

View full text Add to dashboard Cite

Abstract-Organisations are experiencing an ever-growing concern of how to identify and defend against insider threats. Those who have authorised access to sensitive organisational data are placed in a position of power that could well be abused and could cause significant damage to an organisation. This could range from financial theft and intellectual property theft, through to the destruction of property and business reputation. Traditional intrusion detection systems are not designed, nor are capable, of identifying those who act maliciously within an organisation. In this paper, we describe an automated system that is capable of detecting insider threats within an organisation. We define a tree-structure profiling approach that incorporates the details of activities conducted by each user and each job role, and then use this to obtain a consistent representation of features that provide a rich description of the user's behaviour. Deviation can be assessed based on the amount of variance that each user exhibits across multiple attributes, compared against their peers. We have performed experimentation using 10 synthetic data-driven scenarios and found that the system can identify anomalous behaviour that may be indicative of a potential threat. We also show how our detection system can be combined with visual analytics tools to support further investigation by an analyst.

show abstract

Individual Differences in Cyber Security Behaviors: An Examination of Who Is Sharing Passwords

Whitty

Doodson

Creese

et al. 2015

Cyberpsychology, Behavior, and Social Networking

View full text Add to dashboard Cite

In spite of the number of public advice campaigns, researchers have found that individuals still engage in risky password practices. There is a dearth of research available on individual differences in cyber security behaviors. This study focused on the risky practice of sharing passwords. As predicted, we found that individuals who scored high on a lack of perseverance were more likely to share passwords. Contrary to our hypotheses, we found younger [corrected] people and individuals who score high on self-monitoring were more likely to share passwords. We speculate on the reasons behind these findings, and examine how they might be considered in future cyber security educational campaigns.

show abstract

Insider Attacks in Cloud Computing

Duncan

Creese

Goldsmith

2012

View full text Add to dashboard Cite

If you can't understand it, you can't properly assess it! The reality of assessing security risks in Internet of Things systems

Nurse¹,

Radanliev²,

Creese³

et al. 2018

View full text Add to dashboard Cite

Security risk assessment methods have served us well over the last two decades. As the complexity, pervasiveness and automation of technology systems increases, particularly with the Internet of Things (IoT), there is a convincing argument that we will need new approaches to assess risk and build system trust. In this article, we report on a series of scoping workshops and interviews with industry professionals (experts in enterprise systems, IoT and risk) conducted to investigate the validity of this argument. Additionally, our research aims to consult with these professionals to understand two crucial aspects. Firstly, we seek to identify the wider concerns in adopting IoT systems into a corporate environment, be it a smart manufacturing shop floor or a smart office. Secondly, we investigate the key challenges for approaches in industry that attempt to effectively and efficiently assess cyber-risk in the IoT.

show abstract

Privacy is the Boring Bit: User Perceptions and Behaviour in the Internet-of-Things

Williams

Nurse

Creese

2017

View full text Add to dashboard Cite

In opinion polls, the public frequently claim to value their privacy. However, individuals often seem to overlook the principle, contributing to a disparity labelled the 'Privacy Paradox'. The growth of the Internet-of-Things (IoT) is frequently claimed to place privacy at risk. However, the Paradox remains underexplored in the IoT. In addressing this, we first conduct an online survey (N = 170) to compare public opinions of IoT and less-novel devices. Although we find users perceive privacy risks, many still decide to purchase smart devices. With the IoT rated less usable/familiar, we assert that it constrains protective behaviour. To explore this hypothesis, we perform contextualised interviews (N = 40) with the public. In these dialogues, owners discuss their opinions and actions with a personal device. We find the Paradox is significantly more prevalent in the IoT, frequently justified by a lack of awareness. We finish by highlighting the qualitative comments of users, and suggesting practical solutions to their issues. This is the first work, to our knowledge, to evaluate the Privacy Paradox over a broad range of technologies.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Sadie Creese

Understanding Insider Threat: A Framework for Characterising Attacks

Security Risk Assessment in Internet of Things Systems

A taxonomy of cyber-harms: Defining the impacts of cyber-attacks and understanding how they propagate

Automated Insider Threat Detection System Using User and Role-Based Profile Assessment

Individual Differences in Cyber Security Behaviors: An Examination of Who Is Sharing Passwords

Insider Attacks in Cloud Computing

If you can't understand it, you can't properly assess it! The reality of assessing security risks in Internet of Things systems

Privacy is the Boring Bit: User Perceptions and Behaviour in the Internet-of-Things

Contact Info

Product

Resources

About