Model based analysis of insider threats

Chen, Taolue and Han, Tingting and Kammueller, Florian and Nemli, Ibrahim and Probst, Christian (2016) Model based analysis of insider threats. In: 2016 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), 13-14 Jun 2016, London, United Kingdom.

[img]
Preview
PDF - Final accepted version (with author's formatting)
Download (310kB) | Preview

Abstract

In order to detect malicious insider attacks it is important to model and analyse infrastructures and policies of organisations and the insiders acting within them. We extend formal approaches that allow modelling such scenarios by quantitative aspects to enable a precise analysis of security designs. Our framework enables evaluating the risks of an insider attack to happen quantitatively. The framework first identifies an insider's intention to perform an inside attack, using Bayesian networks, and in a second phase computes the probability of success for an inside attack by this actor, using probabilistic model checking. We provide prototype tool support using Matlab for Bayesian networks and PRISM for the analysis of Markov decision processes, and validate the framework with case studies.

Item Type: Conference or Workshop Item (Paper)
Research Areas: A. > School of Science and Technology > Computer Science
Item ID: 21978
Notes on copyright: © 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Useful Links:
Depositing User: Florian Kammueller
Date Deposited: 13 Jun 2017 09:47
Last Modified: 07 Dec 2018 08:24
URI: http://eprints.mdx.ac.uk/id/eprint/21978

Actions (login required)

Edit Item Edit Item

Full text downloads (NB count will be zero if no full text documents are attached to the record)

Downloads per month over the past year