TY - GEN
T1 - Modeling insider threat types in cyber organizations
AU - Santos, Eunice E.
AU - Santos, Eugene
AU - Korah, John
AU - Thompson, Jeremy E.
AU - Murugappan, Vairavan
AU - Subramanian, Suresh
AU - Zhao, Yan
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/6/7
Y1 - 2017/6/7
N2 - Insider threats can cause immense damage to organizations of different types, including government, corporate, and non-profit organizations. Being an insider, however, does not necessarily equate to being a threat. Effectively identifying valid threats, and assessing the type of threat an insider presents, remain difficult challenges. In this work, we propose a novel breakdown of eight insider threat types, identified by using three insider traits: predictability, susceptibility, and awareness. In addition to presenting this framework for insider threat types, we implement a computational model to demonstrate the viability of our framework with synthetic scenarios devised after reviewing real world insider threat case studies. The results yield useful insights into how further investigation might proceed to reveal how best to gauge predictability, susceptibility, and awareness, and precisely how they relate to the eight insider types.
AB - Insider threats can cause immense damage to organizations of different types, including government, corporate, and non-profit organizations. Being an insider, however, does not necessarily equate to being a threat. Effectively identifying valid threats, and assessing the type of threat an insider presents, remain difficult challenges. In this work, we propose a novel breakdown of eight insider threat types, identified by using three insider traits: predictability, susceptibility, and awareness. In addition to presenting this framework for insider threat types, we implement a computational model to demonstrate the viability of our framework with synthetic scenarios devised after reviewing real world insider threat case studies. The results yield useful insights into how further investigation might proceed to reveal how best to gauge predictability, susceptibility, and awareness, and precisely how they relate to the eight insider types.
KW - Bayesian knowledge bases (BKBs)
KW - Behavioral modeling
KW - Computational modeling
KW - Cyber security
KW - Insider threat
KW - Manipulation
KW - Social modeling
KW - Trust
UR - http://www.scopus.com/inward/record.url?scp=85022213166&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85022213166&partnerID=8YFLogxK
U2 - 10.1109/THS.2017.7943445
DO - 10.1109/THS.2017.7943445
M3 - Conference contribution
AN - SCOPUS:85022213166
T3 - 2017 IEEE International Symposium on Technologies for Homeland Security, HST 2017
BT - 2017 IEEE International Symposium on Technologies for Homeland Security, HST 2017
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2017 IEEE International Symposium on Technologies for Homeland Security, HST 2017
Y2 - 25 April 2017 through 26 April 2017
ER -