Model based analysis of insider threats

Chen, Taolue, Han, Tingting, Kammueller, Florian ORCID logoORCID: https://orcid.org/0000-0001-5839-5488, Nemli, Ibrahim and Probst, Christian (2016) Model based analysis of insider threats. Proceedings of the 2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security). In: 2016 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), 13-14 Jun 2016, London, United Kingdom. ISBN 978-1-5090-0709-7. [Conference or Workshop Item] (doi:10.1109/CyberSecPODS.2016.7502350)

[img]
Preview
PDF - Final accepted version (with author's formatting)
Download (310kB) | Preview

Abstract

In order to detect malicious insider attacks it is important to model and analyse infrastructures and policies of organisations and the insiders acting within them. We extend formal approaches that allow modelling such scenarios by quantitative aspects to enable a precise analysis of security designs. Our framework enables evaluating the risks of an insider attack to happen quantitatively. The framework first identifies an insider's intention to perform an inside attack, using Bayesian networks, and in a second phase computes the probability of success for an inside attack by this actor, using probabilistic model checking. We provide prototype tool support using Matlab for Bayesian networks and PRISM for the analysis of Markov decision processes, and validate the framework with case studies.

Item Type: Conference or Workshop Item (Paper)
Research Areas: A. > School of Science and Technology > Computer Science
Item ID: 21978
Notes on copyright: © 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Useful Links:
Depositing User: Florian Kammueller
Date Deposited: 13 Jun 2017 09:47
Last Modified: 10 Jun 2022 11:07
URI: https://eprints.mdx.ac.uk/id/eprint/21978

Actions (login required)

View Item View Item

Statistics

Activity Overview
6 month trend
231Downloads
6 month trend
350Hits

Additional statistics are available via IRStats2.