Create the Taxonomy for Unintentional Insider Threat via Text Mining and Hierarchical Clustering Analysis-Reference-Cited by-同舟云学术

Create the Taxonomy for Unintentional Insider Threat via Text Mining and Hierarchical Clustering Analysis

Published:2024-04-05 Issue:2 Volume:8 Page:36-49
ISSN:2736-5751
Container-title:European Journal of Electrical Engineering and Computer Science
language:
Short-container-title:EJECE

Author:

Baugher Jolynn,Qu Yanzhen

Abstract

The unintentional activities of system users can jeopardize the confidentiality, integrity, and assurance of data on information systems. These activities, known as unintentional insider threat activities, account for a significant percentage of data breaches. A method to mitigate or prevent this threat is using smart systems or artificial intelligence (AI). The construction of an AI requires the development of a taxonomy of activities. The literature review focused on data breach threats, mitigation tools, taxonomy usage in cybersecurity, and taxonomy development using Endnote and Google Scholar. This study aims to develop a taxonomy of unintentional insider threat activities based on narrative descriptions of the breach events in public data breach databases. The public databases were from the California Department of Justice, US Health and Human Services, and Verizon, resulting in 1850 examples of human errors. A taxonomy was constructed to specify the dimensions and characteristics of objects. Text mining and hierarchical cluster analysis were used to create the taxonomy, indicating a quantitative approach. Ward’s agglomeration coefficient was used to ensure the cluster was valid. The resulting top-level taxonomy categories are application errors, communication errors, inappropriate data permissions, lost media, and misconfigurations.

Publisher

European Open Science Publishing

Reference51 articles.

1. Morgan S. Cybercrime to cost the world $8 trillion annually in 2023. Cybercrime Magazine; 2022. [October 17; cited 2023 November 20]. Available from: https://cybersecurityventures.com/cybercrime-to-cost-the-world-8-trillion-annually-in-2023/.

2. Tsiostas D, Kittes G, Chouliaras N, Kantzavelou I, Maglaras L, Douligeris C, et al. The insider threat: Reasons, effects and mitigation techniques. 24th Pan-Hellenic Conference on Informatics, pp. 340–5, Athens, Greece: Association for ComputingMachinery; November 20–22 2020. doi: 10.1145/3437120.3437336.

3. Ponemon Institute. 2022 cost of insider threats global report. 2022. [cited 2023 November 20]. Available from: https://www.proofpoint.com/sites/default/files/threat-reports/pfpt-us-tr-the-cost-of-insiderthreats-ponemon-report.pdf.

4. CERT Insider Threat Team. Unintentional Insider Threats: A Foundational Study. Software Engineering Institute; 2013. doi:10.1184/R1/6585575.v1.

5. Verizon. 2008 to 2022 data breach investigations report. Available from: https://www.verizon.com/business/resources/T705/reports/dbir/2022-data-breach-investigations-report-dbir.pdf (accessed 2023).

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Cybersecurity risk assessment of a marine dual-fuel engine on inland waterways ship;Proceedings of the Institution of Mechanical Engineers, Part M: Journal of Engineering for the Maritime Environment;2024-07-28