Defining the insider threat

Bishop, Matt; Gates, Carrie

doi:10.1145/1413140.1413158

Cited by 85 publications

(47 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Bishop and Gates' article "Defining the Insider Threat" define an insider [21]; both of these models are classified as "process". Niekerk and Solms present a conceptual model to facilitate conceptual thinking and argumentation in the culture of information security [22].…”

Section: Related Workmentioning

confidence: 99%

System Dynamics Based Insider Threats Modeling

Yang¹,

Wang²

2011

IJNSA

View full text Add to dashboard Cite

show abstract

Section: Related Workmentioning

confidence: 99%

System Dynamics Based Insider Threats Modeling

Yang¹,

Wang²

2011

IJNSA

View full text Add to dashboard Cite

show abstract

“…Different definitions of insider threat have been introduced in [1] and [5]. Researchers in [3] have discussed this issue at an application level such as relational databases.…”

Section: Related Workmentioning

confidence: 99%

“…Actually, weights on edges in the graph are the amount of information the insider gets if he/she has exact knowledge about source data items. Thus, in the example, the amount of information the insider gets about a 2 is not 19% since the insider does not have exact knowledge about a 5 .…”

Section: An Example Scenariomentioning

confidence: 99%

Predicting and Preventing Insider Threat in Relational Database Systems

Yaseen

Panda

2010

Information Security Theory and Practices. Security and Privacy of Pervasive Systems and Smart Devices

View full text Add to dashboard Cite

Abstract. This paper investigates the problem of insider threat in relational database systems. It defines various types of dependencies as well as constraints on dependencies that may be used by insiders to infer unauthorized information. Furthermore, it introduces the Constraint and Dependency Graph (CDG), and the Dependency Matrix that are used to represent dependencies and constraints on them. Furthermore, it presents an algorithm for constructing insiders knowledge graph, which shows the knowledgebase of insiders. In addition, the paper introduces the Threat Prediction Graph (TPG) to predict and prevent insider threat.

show abstract

“…In some cases, the degree of "insiderness" associated with an stakeholder needs to be identified in order to effectively assess risks as the traditional binary definition that requires a clear insider/outsider boundary is longer an appropriate model [1]. Figure 1 provides an example of a generic cloud computing scenario which demonstrates the complexity of the evolving security perimeter.…”

Section: Introductionmentioning

confidence: 99%