The Insider, Naivety, and Hostility: Security Perfect Storm?-Reference-Cited by-同舟云学术

The Insider, Naivety, and Hostility: Security Perfect Storm?

Published:2004-06 Issue:4 Volume:2 Page:58-65
ISSN:1542-7730
Container-title:Queue
language:en
Short-container-title:Queue

Author:

Thompson Herbert H¹,Ford Richard²

Affiliation:

1. Security Innovation

2. Florida Institute of Technology

Abstract

Every year corporations and government installations spend millions of dollars fortifying their network infrastructures. Firewalls, intrusion detection systems, and antivirus products stand guard at network boundaries, and individuals monitor countless logs and sensors for even the subtlest hints of network penetration. Vendors and IT managers have focused on keeping the wily hacker outside the network perimeter, but very few technological measures exist to guard against insiders - those entities that operate inside the fortified network boundary. The 2002 CSI/FBI survey estimates that 70 percent of successful attacks come from the inside. Several other estimates place those numbers even higher.

Publisher

Association for Computing Machinery (ACM)

Subject

General Computer Science

Link

https://dl.acm.org/doi/pdf/10.1145/1016978.1016983

Reference7 articles.

1. 1 . Power R. 2002 CSI/FBI computer crime and security survey. Computer Security Issues and Trends VIII 1 (Spring 2002). 1. Power R. 2002 CSI/FBI computer crime and security survey. Computer Security Issues and Trends VIII 1 (Spring 2002).

2. 2 . Hayden M. V. The Insider Threat to U. S. Government Information Systems. Report from NSTISSAM INFOSEC /1-99 July 1999. 2. Hayden M. V. The Insider Threat to U. S. Government Information Systems. Report from NSTISSAM INFOSEC /1-99 July 1999.

3. 3 . Ferrie P. and Lee T. Analysis of W32.Mydoom.A@mm; http://securityresponse.symantec.com/avcenter/venc/ data/w32.novarg.a@mm.html. 3. Ferrie P. and Lee T. Analysis of W32.Mydoom.A@mm; http://securityresponse.symantec.com/avcenter/venc/ data/w32.novarg.a@mm.html.

4. 5 . See for example Microsoft Security Bulletin MS03- 050 Vulnerability in Microsoft Word and Microsoft Excel Could Allow Arbitrary Code To Run: http: //www.microsoft.com/technet/security/bulletin/MS03- 050.mspx; or MS03-035 Flaws in Microsoft Word Could Enable Macros To Run Automatically: http://www.microsoft.com/technet/security/bulletin/ MS03-035.mspx. 5. See for example Microsoft Security Bulletin MS03- 050 Vulnerability in Microsoft Word and Microsoft Excel Could Allow Arbitrary Code To Run: http: //www.microsoft.com/technet/security/bulletin/MS03- 050.mspx; or MS03-035 Flaws in Microsoft Word Could Enable Macros To Run Automatically: http://www.microsoft.com/technet/security/bulletin/ MS03-035.mspx.