Modeling and verification of insider threats using logical analysis

Kammueller, Florian and Probst, Christian (2017) Modeling and verification of insider threats using logical analysis. IEEE Systems Journal, 11 (2). pp. 534-545. ISSN 1932-8184

[img]
Preview
PDF - Final accepted version (with author's formatting)
Download (651kB) | Preview

Abstract

In this paper we combine formal modeling and analysis of infrastructures of organisations with sociological explanation to provide a framework for insider threat analysis. We use the Higher Order Logic proof assistant Isabelle/HOL to support this framework. In the formal model, we exhibit and use a common trick from the formal verification of security protocols showing that it is applicable to insider threats. We introduce briefly a three step process of social explanation illustrating that it can be applied fruitfully to the characterisation of insider threats. We introduce the Insider theory constructed in Isabelle that implements this process of social explanation. To validate that the social explanation is generally useful for the analysis of insider threats and to demonstrate our framework, we model and verify the insider threat patterns Entitled Independent and Ambitious Leader in our Isabelle/HOL framework.

Item Type: Article
Research Areas: A. > School of Science and Technology > Computer Science
Item ID: 15189
Notes on copyright: © 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Useful Links:
Depositing User: Florian Kammueller
Date Deposited: 23 Apr 2015 10:30
Last Modified: 13 Sep 2018 11:21
URI: http://eprints.mdx.ac.uk/id/eprint/15189

Actions (login required)

Edit Item Edit Item

Full text downloads (NB count will be zero if no full text documents are attached to the record)

Downloads per month over the past year