A Framework for Insider Collusion Threat Prediction and Mitigation in Relational Databases
Title | A Framework for Insider Collusion Threat Prediction and Mitigation in Relational Databases |
Publication Type | Conference Paper |
Year of Publication | 2019 |
Authors | Yaseen, Q., Alabdulrazzaq, A., Albalas, F. |
Conference Name | 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC) |
ISBN Number | 978-1-7281-0554-3 |
Keywords | authorisation, cloud computing, Collaboration, collusion insider attacks, Collusion Threat, composability, Computer hacking, Data dependencies, database architect, database management systems, database schema, discovered collusion insider threat, Human Behavior, Information security, insider collusion threat prediction, insider threat, insiders accesses, Knowledgebase, Metrics, mitigating technique, Predictive models, pubcrawl, real time monitoring technique, Relational Database, relational database security, relational database systems, relational databases, remuneration, resilience, Resiliency, robust technique, threat mitigation |
Abstract | This paper proposes a framework for predicting and mitigating insider collusion threat in relational database systems. The proposed model provides a robust technique for database architect and administrators to predict insider collusion threat when designing database schema or when granting privileges. Moreover, it proposes a real time monitoring technique that monitors the growing knowledgebases of insiders while executing transactions and the possible collusion insider attacks that may be launched based on insiders accesses and inferences. Furthermore, the paper proposes a mitigating technique based on the segregation of duties principle and the discovered collusion insider threat to mitigate the problem. The proposed model was tested to show its usefulness and applicability. |
URL | https://ieeexplore.ieee.org/document/8666582 |
DOI | 10.1109/CCWC.2019.8666582 |
Citation Key | yaseen_framework_2019 |
- insider threat
- robust technique
- Resiliency
- resilience
- remuneration
- relational databases
- relational database systems
- relational database security
- Relational Database
- real time monitoring technique
- pubcrawl
- Predictive models
- mitigating technique
- Metrics
- Knowledgebase
- insiders accesses
- threat mitigation
- insider collusion threat prediction
- information security
- Human behavior
- discovered collusion insider threat
- database schema
- database management systems
- database architect
- Data dependencies
- Computer hacking
- composability
- Collusion Threat
- collusion insider attacks
- collaboration
- Cloud Computing
- authorisation