Insider Threat Identification by Process Analysis

Bishop, Matt; Conboy, Heather M.; Phan, Huong Thu Thi; Simidchieva, Borislava I.; Avrunin, George S.; Clarke, Lori A.; Osterweil, Leon J.; Peisert, Sean

doi:10.1109/spw.2014.40

Cited by 41 publications

(31 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…On the formal side within the Insider threat community in general, the work by Bishop et al [3] is relevant to the Isabelle Insider framework since it also uses a formal model to analyse Insider threats. Bishop and colleagues use the LITTLE-JIL process description language, a general framework for Software Engineering.…”

Section: Related Work and Conclusionmentioning

confidence: 99%

Isabelle Modelchecking for Insider Threats

Kammüller¹

2016

Data Privacy Management and Security Assurance

View full text Add to dashboard Cite

Section: Related Work and Conclusionmentioning

confidence: 99%

Isabelle Modelchecking for Insider Threats

Kammüller¹

2016

Data Privacy Management and Security Assurance

View full text Add to dashboard Cite

“…Indeed, Boss et al (2009) find that the real cause to most security breaches is the human interaction with the systems. Similarly, Posey et al (2011) and Bishop et al (2014) stress that insider threats by employees or users are the main source for breaches. Thus, the probability of a breach can be approximated by the number of users of the system itself and the systems connected to it.…”

Section: It Risk Managementmentioning

confidence: 99%

“…Following research that stresses that insider human factor is the greatest cause to security breaches (e.g., Boss et al, 2009;Posey et al, 2011;Bishop et al, 2014) we let the subsystem's exposure to risk to depend on the number of people who have access to it. This information is given in items 11 and 12 of the questionnaire.…”

Section: Phase 1: Subsystemsmentioning

confidence: 99%

Identifying Security Risk Modules in Information Systems

Dreyfuss¹,

Giat²

2016

InSITE Conference

View full text Add to dashboard Cite

We develop a two-stage model for identifying IT system modules with high security risks. In the first phase, we identify the subsystems that pose the highest risk and which require further investigation. In the next phase, we identify the high-security-risk modules using a more detailed approach. The output of this model helps managers decide on how to invest efficiently in improving the security of their IT system. We describe an application of this model to an IT system in an academic institution in Israel. In the first phase, three of ten subsystems are found to be very risky. In the next phase, we highlight the critical modules within those subsystems. The results of our application in the academic institution indicate that security breaches for the purpose of cheating are a greater threat than other types of security issues.

show abstract

“…The insider threat problem is one of the most daunting challenges to handle in computer security, indeed in all aspects of real-world security [1]. The term insider refers to "a current or former employee, contractor or business partner who has authorised access to an organisation's network, system or data, and intentionally exceeds or misuses that access in an manner that adversely affects the confidentiality, integrity or availability of the organisation's information system" [2].…”

Section: Introductionmentioning

confidence: 99%

“…, c z } of criteria. The Sugeno integral S µ : [0,1] z → [0, 1], associated to a fuzzy measure µ, is defined as follows:…”

Section: Introductionmentioning

confidence: 99%