Modeling insider threat types in cyber organizations
| Title | Modeling insider threat types in cyber organizations |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Santos, E. E., Santos, E., Korah, J., Thompson, J. E., Murugappan, V., Subramanian, S., Zhao, Yan |
| Conference Name | 2017 IEEE International Symposium on Technologies for Homeland Security (HST) |
| ISBN Number | 978-1-5090-6356-7 |
| Keywords | awareness, Bayes methods, Bayesian knowledge bases (BKBs), behavioral modeling, business data processing, Collaboration, computational model, Computational modeling, cultural differences, cyber organizations, cyber security, Human Behavior, human factors, insider threat, insider threat types, insider threats, insider traits, knowledge based systems, manipulation, Metrics, Organizations, policy-based governance, predictability, Predictive models, pubcrawl, Random variables, Resiliency, security of data, social modeling, susceptibility, Trust |
| Abstract | Insider threats can cause immense damage to organizations of different types, including government, corporate, and non-profit organizations. Being an insider, however, does not necessarily equate to being a threat. Effectively identifying valid threats, and assessing the type of threat an insider presents, remain difficult challenges. In this work, we propose a novel breakdown of eight insider threat types, identified by using three insider traits: predictability, susceptibility, and awareness. In addition to presenting this framework for insider threat types, we implement a computational model to demonstrate the viability of our framework with synthetic scenarios devised after reviewing real world insider threat case studies. The results yield useful insights into how further investigation might proceed to reveal how best to gauge predictability, susceptibility, and awareness, and precisely how they relate to the eight insider types. |
| URL | https://ieeexplore.ieee.org/document/7943445 |
| DOI | 10.1109/THS.2017.7943445 |
| Citation Key | santos_modeling_2017 |
- Insider Threats
- trust
- susceptibility
- social modeling
- security of data
- Resiliency
- Random variables
- pubcrawl
- Predictive models
- predictability
- policy-based governance
- Organizations
- Metrics
- manipulation
- knowledge based systems
- insider traits
- Awareness
- insider threat types
- insider threat
- Human Factors
- Human behavior
- cyber security
- cyber organizations
- cultural differences
- Computational modeling
- computational model
- collaboration
- business data processing
- Behavioral Modeling
- Bayesian knowledge bases (BKBs)
- Bayes methods