Visible to the public Biblio

Filters: Keyword is Critical assets  [Clear All Filters]
2020-01-21
Ikany, Joris, Jazri, Husin.  2019.  A Symptomatic Framework to Predict the Risk of Insider Threats. 2019 International Conference on Advances in Big Data, Computing and Data Communication Systems (icABCD). :1–5.
The constant changing of technologies have brought to critical infrastructure organisations numerous information security threats such as insider threat. Critical infrastructure organisations have difficulties to early detect and capture the possible vital signs of insider threats due sometimes to lack of effective methodologies or frameworks. It is from this viewpoint that, this paper proposes a symptomatic insider threat risk assessments framework known as Insider Threat Framework for Namibia Critical Infrastructure Organization (ITFNACIO), aimed to predict the probable signs of insider threat based on Symptomatic Analysis (SA), and develop a prototype as a proof of concept. A case study was successfully used to validate and implement the proposed framework; hence, qualitative methodology was employed throughout the whole research process where two (2) insider threats were captured. The proposed insider threat framework can be further developed in multiple cases and a more automated system able to trigger an early warning system of possible insider threat events.
2019-02-08
Li, Shijin, Zhu, Minchen, Qiu, Yanbin.  2018.  Attack Intent Analysis Method Based on Attack Path Graph. Proceedings of the 8th International Conference on Communication and Network Security. :27-31.

At present, with the increase of automated attack tools and the development of the underground industrial chain brought by network attack, even well-managed network is vulnerable to complex multi-step network attack, which combines multiple network vulnerabilities and uses the causal relationship between them to achieve the attack target. The detection of such attack intention is very difficult. Therefore, in order to solve the problem that the real attack intention of the attackers in complex network is difficult to be recognized, this paper proposes to assume the possible targets in the network according to the important asset information in the network. By constructing the hierarchical attack path graph, the probability of each hypothetical attack intention target is calculated, and the real attack intention and the most likely attack path of the attacker are deduced. The hierarchical attack path graph we use can effectively overcome the cognitive difficulties caused by network complexity and large scale, and can quantitatively and qualitatively analyze the network status. It is of great importance to make the protection and strategy of network security.