Abstract
Insider threats that occur within organizations cause more serious damage than external threats. However, there are many factors that are difficult to determine, such as the definition, classification, and severity of security breaches; hence, it is necessary to analyze system logs and user behavior-based scenarios within organizations. In practice, qualitative judgment criteria are applied differently by each person, and there is no detailed verification procedure for comparing them objectively. In this study, realistic insider threats were examined through the definition, classification, and correlation/association analysis of various human–machine logs of acts associated with security breaches that occur in an organization. In addition, a quantitative process and decision-making tool were developed for insider threats by establishing various internal information leakage scenarios. As a result, insider threats were assessed quantitatively and a decision-making process was completed that enabled case analysis based on several insider threat scenarios. This study will enable precise modeling of insider threats that occur in real organizations and will support an objective process and a decision-making system to establish a range of required information for security protection measures.
Subject
Physics and Astronomy (miscellaneous), General Mathematics, Chemistry (miscellaneous), Computer Science (miscellaneous)
Cited by
7 articles.