Journal articles on the topic 'Insider threat'

Consult the top 50 journal articles for your research on the topic 'Insider threat.'

1

Alsowail, Rakan A., and Taher Al-Shehari. "A Multi-Tiered Framework for Insider Threat Prevention." Electronics 10, no. 9 (April 22, 2021): 1005. http://dx.doi.org/10.3390/electronics10091005.

Abstract:
As technologies are rapidly evolving and becoming a crucial part of our lives, security and privacy issues have been increasing significantly. Public and private organizations have highly confidential data, such as bank accounts, military and business secrets, etc. Currently, the competition between organizations is significantly higher than before, which triggers sensitive organizations to spend an excessive volume of their budget to keep their assets secured from potential threats. Insider threats are more dangerous than external ones, as insiders have a legitimate access to their organization’s assets. Thus, previous approaches focused on some individual factors to address insider threat problems (e.g., technical profiling), but a broader integrative perspective is needed. In this paper, we propose a unified framework that incorporates various factors of the insider threat context (technical, psychological, behavioral and cognitive). The framework is based on a multi-tiered approach that encompasses pre, in and post-countermeasures to address insider threats in an all-encompassing perspective. It considers multiple factors that surround the lifespan of insiders’ employment, from the pre-joining of insiders to an organization until after they leave. The framework is utilized on real-world insider threat cases. It is also compared with previous work to highlight how our framework extends and complements the existing frameworks. The real value of our framework is that it brings together the various aspects of insider threat problems based on real-world cases and relevant literature. This can therefore act as a platform for general understanding of insider threat problems, and pave the way to model a holistic insider threat prevention system.
2

Mohammad, Nur Ameera Natasha, Warusia Mohamed Yassin, Rabiah Ahmad, Aslinda Hassan, and Mohammed Nasser Ahmed Al Mhiqani. "An Insider Threat Categorization Framework for Automated Manufacturing Execution System." International Journal of Innovation in Enterprise System 3, no. 02 (July 31, 2019): 31–41. http://dx.doi.org/10.25124/ijies.v3i02.38.

Abstract:
Insider threats have become one of the most dangerous threats in the cyber world compared to outsider threats, as insiders have knowledge of assets. In addition, the threats themselves are considered invisible, and no one can predict what, when and how exactly a threat will be launched. Based on the reviewed literature, threats in Automated Manufacturing Execution Systems (AMESs) can be divided into three principal factors. Moreover, no standard framework exists today to refer to for categorizing such factors in order to identify the possible features of insider threats. Therefore, from the reviewed literature, a standard theoretical insider threat categorization framework for AMESs has been proposed. Hence, three principal factors, i.e. Human, Systems and Machine, have been considered as the major categories of insider threats. Consequently, the possible features for each factor are identified based on previous researchers' recommendations. Therefore, by identifying possible features and categorizing them into principal factors or groups, a standard framework could be derived. This framework will benefit the manufacturing field specifically, as a reference for mitigating insider threats. Keywords: automated manufacturing execution systems insider threats, factors and features, insider threat categorization framework.
3

Hu, Teng, Bangzhou Xin, Xiaolei Liu, Ting Chen, Kangyi Ding, and Xiaosong Zhang. "Tracking the Insider Attacker: A Blockchain Traceability System for Insider Threats." Sensors 20, no. 18 (September 16, 2020): 5297. http://dx.doi.org/10.3390/s20185297.

Abstract:
Insider threats have always been one of the most severe challenges to cybersecurity. They can lead to the destruction of the organisation’s internal network system and to information leakage, which seriously threaten the confidentiality, integrity and availability of data. To make matters worse, since the attacker has authorized access to the internal network, they can launch the attack from the inside and erase their attack trace, which makes tracking and forensics challenging. A blockchain traceability system for insider threats is proposed in this paper to mitigate the issue. First, this paper constructs an insider threat model of the internal network from a different perspective: insider attack forensics and preventing the insider attacker from escaping. Then, we analyze why it is difficult to track attackers and obtain evidence when an insider threat has occurred. After that, the blockchain traceability system is designed in terms of data structure, transaction structure, block structure, consensus algorithm, data storage algorithm, and query algorithm, while using differential privacy to protect user privacy. We deployed this blockchain traceability system and conducted experiments, and the results show that it can achieve the goal of mitigating insider threats.
4

Al-Mhiqani, Mohammed Nasser, Rabiah Ahmad, Z. Zainal Abidin, Warusia Yassin, Aslinda Hassan, Karrar Hameed Abdulkareem, Nabeel Salih Ali, and Zahri Yunos. "A Review of Insider Threat Detection: Classification, Machine Learning Techniques, Datasets, Open Challenges, and Recommendations." Applied Sciences 10, no. 15 (July 28, 2020): 5208. http://dx.doi.org/10.3390/app10155208.

Abstract:
Insider threat has become a widely accepted issue and one of the major challenges in cybersecurity. This phenomenon indicates that threats require special detection systems, methods, and tools, which entail the ability to facilitate accurate and fast detection of a malicious insider. Several studies on insider threat detection and related areas in dealing with this issue have been proposed. Various studies aimed to deepen the conceptual understanding of insider threats. However, there are many limitations, such as a lack of real cases, biases in making conclusions, which are a major concern and remain unclear, and the lack of a study that surveys insider threats from many different perspectives and focuses on the theoretical, technical, and statistical aspects of insider threats. The survey aims to present a taxonomy of contemporary insider types, access, level, motivation, insider profiling, effect security property, and methods used by attackers to conduct attacks and a review of notable recent works on insider threat detection, which covers the analyzed behaviors, machine-learning techniques, dataset, detection methodology, and evaluation metrics. Several real cases of insider threats have been analyzed to provide statistical information about insiders. In addition, this survey highlights the challenges faced by other researchers and provides recommendations to minimize obstacles.
5

Nasser Al-mhiqani, Mohammed, Rabiah Ahmad, Zaheera Zainal Abidin, Warusia Yassin, Aslinda Hassan, and Ameera Natasha Mohammad. "New insider threat detection method based on recurrent neural networks." Indonesian Journal of Electrical Engineering and Computer Science 17, no. 3 (March 1, 2020): 1474. http://dx.doi.org/10.11591/ijeecs.v17.i3.pp1474-1479.

Abstract:
Insider threat is a significant challenge in cybersecurity. In comparison with outside attackers, inside attackers have more privileges and legitimate access to information and facilities that can cause considerable damage to an organization. Most organizations that implement traditional cybersecurity techniques, such as intrusion detection systems, fail to detect insider threats given the lack of extensive knowledge on insider behavior patterns. However, a sophisticated method is necessary for an in-depth understanding of insider activities that the insider performs in the organization. In this study, we propose a new conceptual method for insider threat detection on the basis of the behaviors of an insider. In addition, gated recurrent unit neural network will be explored further to enhance the insider threat detector. This method will identify the optimal behavioral pattern of insider actions.
6

Adikari, Swini. "Countering the Threat of Nuclear Terrorism Arising from Malicious Insiders." Global Affairs Review 1, no. 2 (June 15, 2021): 1–18. http://dx.doi.org/10.51330/gar.0020214.

Abstract:
Nuclear theft from malicious insiders is a significant threat to Pakistan’s nuclear weapons arsenal. Pakistan is a member of the Convention of the Physical Protection of Nuclear Material (CPPNM), which is an international agreement that adheres to the protection of nuclear materials and the recovery of stolen nuclear materials. However, this agreement does not specifically take into account the risk of security breaches arising from malicious insiders due to Pakistan’s rapidly growing nuclear arsenal. The purpose of this paper is to examine the heightened risk of insider threats in conjunction with Pakistan’s increasing nuclear force structure. The first section of the paper examines the history of the development of Pakistan’s nuclear weapons programme and discusses Pakistan’s current nuclear force structure. The second section examines the international and domestic policies that Pakistan follows to address the issue of insider threats to Pakistan’s nuclear facilities. The final section proposes two policy alternatives to address Pakistan’s growing insider threat risks and outlines how the Design Basis Threat assessment is the most effective solution for Pakistan’s growing insider threat.
7

Kim, Park, Kim, Cho, and Kang. "Insider Threat Detection Based on User Behavior Modeling and Anomaly Detection Algorithms." Applied Sciences 9, no. 19 (September 25, 2019): 4018. http://dx.doi.org/10.3390/app9194018.

Abstract:
Insider threats are malicious activities by authorized users, such as theft of intellectual property or security information, fraud, and sabotage. Although the number of insider threats is much lower than external network attacks, insider threats can cause extensive damage. As insiders are very familiar with an organization’s system, it is very difficult to detect their malicious behavior. Traditional insider-threat detection methods focus on rule-based approaches built by domain experts, but they are neither flexible nor robust. In this paper, we propose insider-threat detection methods based on user behavior modeling and anomaly detection algorithms. Based on user log data, we constructed three types of datasets: user’s daily activity summary, e-mail contents topic distribution, and user’s weekly e-mail communication history. Then, we applied four anomaly detection algorithms and their combinations to detect malicious activities. Experimental results indicate that the proposed framework can work well for imbalanced datasets in which there are only a few insider threats and where no domain experts’ knowledge is provided.
8

Soleh, Musdi Muhammad. "A Study Case in NTMC POLRI: Reducing Data Breach Risk from Insider Threats by Using Risk IT Framework." ACMIT Proceedings 3, no. 1 (March 18, 2019): 171–79. http://dx.doi.org/10.33555/acmit.v3i1.41.

Abstract:
Risk does not merely come from external threats; it also comes from inside, from internal actors. Vormetric Insider Threat mentioned that of 800 surveyed enterprise companies, 89% are vulnerable to insider attacks [1]. It mentioned that the data breach issue is the highest risk to companies caused by insider threats. This paper will analyse insider attacks; the Risk IT framework will be used to reduce and prevent these vulnerabilities in valuable assets.
9

Yilmaz, Erhan, and Ozgu Can. "Unveiling Shadows: Harnessing Artificial Intelligence for Insider Threat Detection." Engineering, Technology & Applied Science Research 14, no. 2 (April 2, 2024): 13341–46. http://dx.doi.org/10.48084/etasr.6911.

Abstract:
Insider threats pose a significant risk to organizations, necessitating robust detection mechanisms to safeguard against potential damage. Traditional methods struggle to detect insider threats operating within authorized access. Therefore, the use of Artificial Intelligence (AI) techniques is essential. This study aimed to provide valuable insights for insider threat research by synthesizing advanced AI methodologies that offer promising avenues to enhance organizational cybersecurity defenses. For this purpose, this paper explores the intersection of AI and insider threat detection by acknowledging organizations' challenges in identifying and preventing malicious activities by insiders. In this context, the limitations of traditional methods are recognized, and AI techniques, including user behavior analytics, Natural Language Processing (NLP), Large Language Models (LLMs), and Graph-based approaches, are investigated as potential solutions to provide more effective detection mechanisms. For this purpose, this paper addresses challenges such as the scarcity of insider threat datasets, privacy concerns, and the evolving nature of employee behavior. This study contributes to the field by investigating the feasibility of AI techniques to detect insider threats and presents feasible approaches to strengthening organizational cybersecurity defenses against them. In addition, the paper outlines future research directions in the field by focusing on the importance of multimodal data analysis, human-centric approaches, privacy-preserving techniques, and explainable AI.
10

Kim, Jung Hwan, Chul Min Kim, and Man-Sung Yim. "An Investigation of Insider Threat Mitigation Based on EEG Signal Classification." Sensors 20, no. 21 (November 8, 2020): 6365. http://dx.doi.org/10.3390/s20216365.

Abstract:
This study proposes a scheme to identify insider threats in nuclear facilities through the detection of malicious intentions of potential insiders using subject-wise classification. Based on electroencephalography (EEG) signals, a classification model was developed to identify whether a subject has a malicious intention under scenarios of being forced to become an insider threat. The model also distinguishes insider threat scenarios from everyday conflict scenarios. To support model development, 21-channel EEG signals were measured on 25 healthy subjects, and sets of features were extracted from the time, time–frequency, frequency and nonlinear domains. To select the best use of the available features, automatic selection was performed by random-forest-based algorithms. The k-nearest neighbor, support vector machine with radial kernel, naïve Bayes, and multilayer perceptron algorithms were applied for the classification. By using EEG signals obtained while contemplating becoming an insider threat, the subject-wise model identified malicious intentions with 78.57% accuracy. The model also distinguished insider threat scenarios from everyday conflict scenarios with 93.47% accuracy. These findings could be utilized to support the development of insider threat mitigation systems along with existing trustworthiness assessments in the nuclear industry.
11

Hershkowitz, Martin. "The “Insider” Threat." Journal of Police Crisis Negotiations 7, no. 1 (March 6, 2007): 103–11. http://dx.doi.org/10.1300/j173v07n01_06.

12

Nostro, Nicola, Andrea Ceccarelli, Andrea Bondavalli, and Francesco Brancati. "Insider Threat Assessment." ACM SIGOPS Operating Systems Review 48, no. 2 (December 5, 2014): 3–12. http://dx.doi.org/10.1145/2694737.2694740.

13

Saxena, Neetesh, Emma Hayes, Elisa Bertino, Patrick Ojo, Kim-Kwang Raymond Choo, and Pete Burnap. "Impact and Key Challenges of Insider Threats on Organizations and Critical Businesses." Electronics 9, no. 9 (September 7, 2020): 1460. http://dx.doi.org/10.3390/electronics9091460.

Abstract:
The insider threat has consistently been identified as a key threat to organizations and governments. Understanding the nature of insider threats and the related threat landscape can help in forming mitigation strategies, including non-technical means. In this paper, we survey and highlight challenges associated with the identification and detection of insider threats in both public and private sector organizations, especially those part of a nation’s critical infrastructure. We explore the utility of the cyber kill chain to understand insider threats, as well as understanding the underpinning human behavior and psychological factors. The existing defense techniques are discussed and critically analyzed, and improvements are suggested, in line with the current state-of-the-art cyber security requirements. Finally, open problems related to the insider threat are identified and future research directions are discussed.
14

Jason Slaughter, Carole E. Chaski, and Kellep Charles. "Emotion analysis based on belief of targeted individual supporting insider threat detection." International Journal of Science and Research Archive 11, no. 2 (March 30, 2024): 226–37. http://dx.doi.org/10.30574/ijsra.2024.11.2.0393.

Abstract:
Unintentional Insider Threat is the concept that an insider threat event may occur unintentionally versus maliciously. Individuals who believe they are being targeted may be at increased risk of being insider threats. Based on a previous survey titled A Survey of Unintentional Medical Insider Threat Category, it was found that both medical and psychological problems may lead to feeling targeted. It was further found that Insider Threat programs should be updated to include trained personnel in both medicine and psychology in addition to cybersecurity to address the risk.
15

Wang, Jiarong, Qianran Sun, and Caiqiu Zhou. "Insider Threat Detection Based on Deep Clustering of Multi-Source Behavioral Events." Applied Sciences 13, no. 24 (December 6, 2023): 13021. http://dx.doi.org/10.3390/app132413021.

Abstract:
With the continuous advancement of enterprise digitization, insider threats have become one of the primary cybersecurity concerns for organizations. Therefore, it is of great significance to develop an effective insider threat detection mechanism to ensure the security of enterprises. Most methods rely on artificial feature engineering and input the extracted user behavior features into a clustering-based unsupervised machine learning model for insider threat detection. However, feature extraction is independent of clustering-based unsupervised machine learning. As a result, user behavior features are not the most appropriate for clustering-based unsupervised machine learning, and thus, they reduce the insider threat detection accuracy. This paper proposes an insider threat detection method based on the deep clustering of multi-source behavioral events. On the one hand, the proposed method constructs an end-to-end deep clustering network and automatically learns the user behavior feature expression from multi-source behavioral event sequences. On the other hand, a deep clustering objective function is presented to jointly optimize the learning of feature representations and the clustering task for insider threat detection. This optimization can adjust the optimal user behavior features for the clustering model to improve the insider threat detection accuracy. The experimental results show that the proposed end-to-end insider threat detection model can accurately identify insider threats based on abnormal multi-source user behaviors in enterprise networks.
16

Al-Shehari, Taher, and Rakan A. Alsowail. "An Insider Data Leakage Detection Using One-Hot Encoding, Synthetic Minority Oversampling and Machine Learning Techniques." Entropy 23, no. 10 (September 27, 2021): 1258. http://dx.doi.org/10.3390/e23101258.

Abstract:
Insider threats are malicious acts that can be carried out by an authorized employee within an organization. Insider threats represent a major cybersecurity challenge for private and public organizations, as an insider attack can cause extensive damage to organization assets much more than external attacks. Most existing approaches in the field of insider threat focused on detecting general insider attack scenarios. However, insider attacks can be carried out in different ways, and the most dangerous one is a data leakage attack that can be executed by a malicious insider before his/her leaving an organization. This paper proposes a machine learning-based model for detecting such serious insider threat incidents. The proposed model addresses the possible bias of detection results that can occur due to an inappropriate encoding process by employing the feature scaling and one-hot encoding techniques. Furthermore, the imbalance issue of the utilized dataset is also addressed utilizing the synthetic minority oversampling technique (SMOTE). Well known machine learning algorithms are employed to detect the most accurate classifier that can detect data leakage events executed by malicious insiders during the sensitive period before they leave an organization. We provide a proof of concept for our model by applying it on CMU-CERT Insider Threat Dataset and comparing its performance with the ground truth. The experimental results show that our model detects insider data leakage events with an AUC-ROC value of 0.99, outperforming the existing approaches that are validated on the same dataset. The proposed model provides effective methods to address possible bias and class imbalance issues for the aim of devising an effective insider data leakage detection system.
17

Clarke, Karla, Yair Levy, Laurie Dringus, and Shonda Brown. "How workplace satisfaction affects insider threat detection as a vital variable for the mitigation of malicious cyber insiders." Online Journal of Applied Knowledge Management 7, no. 1 (May 22, 2019): 40–52. http://dx.doi.org/10.36965/ojakm.2019.7(1)40-52.

Abstract:
Insider threat mitigation is a growing challenge within organizations. The development of a novel alert visualization dashboard for the identification of potentially malicious cyber insider threats was identified as necessary to alleviate this challenge. This research developed a cyber insider threat dashboard visualization prototype for detecting potentially malicious cyber insider activities QUICK.v™. This study utilized Subject Matter Experts (SMEs) by applying the Delphi Method to identify the most critical cyber visualization variables and ranking. This paper contains the detailed results of a survey based experimental research study that identified the critical cybersecurity variables also referred to as cybersecurity vital signs. The identified vital signs will aid cybersecurity analysts with triage for potentially malicious insider threats. From a total of 45 analytic variables assessed by 42 cybersecurity SMEs, the top six variables were identified using a comprehensive data collection process. The results indicated that workplace satisfaction is one of the top critical cyber visualization variables that should be measured and visualized to aid cybersecurity analysts in the detection of potentially malicious cyber insider threat activities. The process of the data collection to identify and rank critical cyber visualization variables are described.
18

Zhu, Taiming, Yuanbo Guo, Ankang Ju, Jun Ma, and Xuan Wang. "An Insider Threat Detection Method Based on Business Process Mining." International Journal of Business Data Communications and Networking 13, no. 2 (July 2017): 83–98. http://dx.doi.org/10.4018/ijbdcn.2017070107.

Abstract:
Current intrusion detection systems are mostly for detecting external attacks, but the “Prism Door” and other similar events indicate that internal staff may bring greater harm to organizations in information security. Traditional insider threat detection methods only consider the audit records of personal behavior and fail to combine them with business activities, which may miss insider threats that happen during a business process. The authors consider operators' behavior and the correctness and performance of the business activities, and propose a business process mining based insider threat detection system. The system first establishes the normal profiles of business activities and the operators by mining the business log, and then detects specific anomalies by comparing the content of the real-time log with the corresponding normal profile in order to find the insiders and the threats they have brought. The related anomalies are defined and the corresponding detection algorithms are presented. The authors have performed experimentation using the ProM framework and Java programming, with five synthetic business cases, and found that the system can effectively identify anomalies of both operators and business activities that may be indicative of potential insider threat.
19

Qin, Heng, and Jin Hui Zhao. "Insider Threat Detection with Behavior-Based Attestation." Applied Mechanics and Materials 568-570 (June 2014): 1370–75. http://dx.doi.org/10.4028/www.scientific.net/amm.568-570.1370.

Abstract:
Insiders, who have lawful authority in a network information system, form a huge threat to security through abuse and misuse of authority. This has become one of the huge challenges to the security of information systems. Since such threats are more subtle and more difficult to find, this paper studies how to perceive the trusted behavior of insiders with behavior-based attestation. Taking into account the impact of various uncertainties in the monitoring and perception process, a dynamic awareness model of insider threat is presented based on subjective logic. In order to find insider threats, monitoring data of actual behaviors are compared with the operation tree; the legality of user behavior is dynamically analyzed according to historical experience and current experience; and the trust in the legitimacy of user behavior is represented as a trust point in subjective logic. Finally, experiments are employed to test the validity and applicability of the proposed method.
20

Fyffe, George. "Addressing the insider threat." Network Security 2008, no. 3 (March 2008): 11–14. http://dx.doi.org/10.1016/s1353-4858(08)70031-x.

21

Pfleeger, Shari Lawrence, and Salvatore J. Stolfo. "Addressing the Insider Threat." IEEE Security & Privacy Magazine 7, no. 6 (November 2009): 10–13. http://dx.doi.org/10.1109/msp.2009.146.

22

WATANABE, Kazumi. "Insider cyber-threat study:." Proceedings of the Annual Convention of the Japanese Psychological Association 74 (September 20, 2010): 3PM145. http://dx.doi.org/10.4992/pacjpa.74.0_3pm145.

23

Ruba, Ruba, and Hanan AlShaher. "Insider Threat Detection: Exploring User Event Behavior Analytics and Machine Learning in Security Reviews." Journal of Cybersecurity and Information Management 13, no. 2 (2024): 171–81. http://dx.doi.org/10.54216/jcim.130213.

Abstract:
With the exponential increase in technology use, insider threats are also growing in scale and importance, becoming one of the biggest challenges for government and corporate information security. Recent research shows that insider threats are more costly than external threats, making it critical for organizations to protect their information security. Effective insider threat detection requires the use of the latest models and technologies. Although a large number of insider threats have been discovered, the field is still limited by many issues, such as data imbalance, false positives, and a lack of accurate data, which require further research. This survey investigates the existing approaches and technologies for insider threat detection. It finds and summarizes relevant studies from different databases, followed by a detailed comparison. It also examines the types of data used and the machine learning models employed to detect these threats. It discusses the challenges researchers face in detecting insider threats and future trends in the field.
24

Munro, Victor. "Applying Insider Risk Mitigation: Contemporary Issues." Journal of Intelligence, Conflict, and Warfare 6, no. 2 (November 24, 2023): 84–89. http://dx.doi.org/10.21810/jicw.v6i2.6251.

Abstract:
On July 20, 2023, Victor Munro, Executive Director of the Insider Risk Management Centre of Excellence, presented on the contemporary issues surrounding the field of insider risk management. The presentation focused on three significant areas: 1) the nexus between whistleblower protections and insider threat management; 2) the balance of mitigating threats without compromising; and 3) the post-COVID impact on threat vectors and the role of artificial intelligence in threat mitigation and organizational culture. The presentation was followed by a question-and-answer period with questions from the audience and CASIS Vancouver executives. The key points discussed were technical/behavioral indicators related to at-risk employees and the distinction between intentional and unintentional threat behaviors.
25

Shevchenko, Svitlana, Yuliia Zhdanovа, Pavlo Skladannyi, and Sofia Boiko. "INSIDERS AND INSIDER INFORMATION: ESSENCE, THREATS, ACTIVITIES AND LEGAL RESPONSIBILITY." Cybersecurity: Education, Science, Technique 3, no. 15 (2022): 175–85. http://dx.doi.org/10.28925/2663-4023.2022.15.175185.

Abstract:
The constant development of information technologies, the growing role at the present stage of human potential create new internal threats to the information security of enterprises. The article investigates and analyzes the problems of information security associated with internal violators of companies and their insider activity. Economic reports and analytical materials allowed to determine the relevance and importance of this work. Based on scientific literature, a review of various approaches to the definition of "insider" and "insider information" was carried out. The main key indicators of the insider and signs of insider information are described. The classification of data sources for the study of insider threats is presented, among which real data of the system journal and data from social networks are allocated; analytical information with synthetic anomalies; simulated data due to the formation of stochastic models; theoretical and gaming approach. Insider threat detection algorithms are described depending on intentions, behavior, capabilities of insiders, how resources are used, as well as models involving several algorithms. The normative issues of protection of insider information from unauthorized disclosure and legal responsibility for illegal use of insider information in Ukrainian legislation are covered.
26

Zatonatskiy, D., V. Marhasova, and N. Korogod. "INSIDER THREAT MANAGEMENT AS AN ELEMENT OF THE CORPORATE ECONOMIC SECURITY." Financial and credit activity: problems of theory and practice 1, no. 36 (February 17, 2021): 149–58. http://dx.doi.org/10.18371/fcaptp.v1i36.227690.

Abstract:
This paper considers the insider threats in the companies from different sectors and various methods of their assessment. The problem of information leakage is becoming increasingly important for companies in all areas of economic activity. The problem of insider threats is becoming increasingly important, as the company may incur losses not only due to the leakage of information about its inventions, but also through lawsuits in case of theft of personal information of the customers, contractors and more. This means that in order to gain access to the international markets, Ukrainian companies must have an appropriate level of protection not only of the company’s confidential information, but also of the data on customers, contractors, etc. The objective of the article is to analyze the existing methodological approaches to the assessment of insider threats in the enterprise as a component of personnel and economic security. We came to the conclusion that different industries have different vulnerabilities to insider threats and different approaches to insider threat management. It was determined that information leaks are a serious threat to the company’s economic and personnel security. It was discovered that firms have achieved significant improvements and developed effective procedures for counteracting external threats, however, protection against insider attacks remains rather low. In the course of the research, the concept of an insider attacker was defined, the types of insider threats were established, and the main actions of the personnel prior to the insider attack were outlined. It was proved that the degree of insider threat is determined by the type of activity of the company and the liquidity of information that may be leaked. Most leaks are observed in high-tech companies and medical institutions, while the most liquid is the information of banks, financial institutions, industrial and commercial companies.
27

Burrell, Darrell Norman, Calvin Nobles, Austin Cusak, Marwan Omar, and Lemie Gillesania. "CYBERCRIME AND THE NATURE OF INSIDER THREAT COMPLEXITIES IN HEALTHCARE AND BIOTECHNOLOGY ENGINEERING ORGANIZATIONS." JOURNAL OF CRIME AND CRIMINAL BEHAVIOR 2, no. 2 (2022): 131–44. http://dx.doi.org/10.47509/jccb.2022.v02i02.04.

Abstract:
This article explores the nature of cybersecurity professionals being insider threats to their own organization, as well as the general increase in harder-to-detect threats coming from an ever-widening acceptance of third-party insiders, which organizations, biotechnology engineering, and other healthcare organizations rely on. After examining the current and emerging literature on how individuals are motivated to engage in problematic workplace behaviors as a means of gaining their specific goal or need, the paper articulates malicious cybersecurity insider threat indicators, then provides best practices for reducing the risk of these threats in healthcare and biotechnology engineering organizations.
28

Zeng, Min, Chuanzhou Dian, and Yaoyao Wei. "Risk Assessment of Insider Threats Based on IHFACS-BN." Sustainability 15, no. 1 (December 28, 2022): 491. http://dx.doi.org/10.3390/su15010491.

Abstract:
Insider threats, as one of the pressing challenges that threaten an organization’s information assets, usually result in considerable losses to the business. It is necessary to explore the key human factors that enterprise information security management should focus on preventing to reduce the probability of insider threats effectively. This paper first puts forward the improved Human Factors Analysis and Classification System (IHFACS) based on actual enterprise management. Then, the enterprise internal threat risk assessment model is constructed using the Bayesian network, expert evaluation, and fuzzy set theory. Forty-three classic insider threat cases from China, the United States, and Israel during 2009–2021 are selected as samples. Then, reasoning and sensitivity analysis recognizes the top 10 most critical human factors of the accident and the most likely causal chain of unsafe acts. The result shows that the most unsafe behavior was not assessing employees’ familiarity with the company’s internal security policies. In addition, improving the organizational impact of information security can effectively reduce internal threats and promote the sustainable development of enterprises.
29

Alsowail, Rakan A., and Taher Al-Shehari. "Techniques and countermeasures for preventing insider threats." PeerJ Computer Science 8 (April 1, 2022): e938. http://dx.doi.org/10.7717/peerj-cs.938.

Abstract:
With the wide use of technologies nowadays, various security issues have emerged. Public and private sectors are both spending a large portion of their budget to protect the confidentiality, integrity, and availability of their data from possible attacks. Among these attacks are insider attacks which are more serious than external attacks, as insiders are authorized users who have legitimate access to sensitive assets of an organization. As a result, several studies exist in the literature aimed to develop techniques and tools to detect and prevent various types of insider threats. This article reviews different techniques and countermeasures that are proposed to prevent insider attacks. A unified classification model is proposed to classify the insider threat prevention approaches into two categories (biometric-based and asset-based metric). The biometric-based category is also classified into (physiological, behavioral and physical), while the asset metric-based category is also classified into (host, network and combined). This classification systematizes the reviewed approaches that are validated with empirical results utilizing the grounded theory method for rigorous literature review. Additionally, the article compares and discusses significant theoretical and empirical factors that play a key role in the effectiveness of insider threat prevention approaches (e.g., datasets, feature domains, classification algorithms, evaluation metrics, real-world simulation, stability and scalability, etc.). Major challenges are also highlighted which need to be considered when deploying real-world insider threat prevention systems. Some research gaps and recommendations are also presented for future research directions.
30

Singh Lodhi, Manvendra, and Rahul Kaul. "Detecting Unknown Insider Threat Scenarios." International Journal on Computational Science & Applications 6, no. 5/6 (December 31, 2016): 15–21. http://dx.doi.org/10.5121/ijcsa.2016.6602.

31

McKenna, Brian. "Danger of the insider threat." Infosecurity 4, no. 2 (March 2007): 5. http://dx.doi.org/10.1016/s1754-4548(07)70025-6.

32

Bulpett, Ben. "Safeguarding against the insider threat." Network Security 2020, no. 6 (June 2020): 14–17. http://dx.doi.org/10.1016/s1353-4858(20)30068-4.

33

Greitzer, Frank L., Andrew P. Moore, Dawn M. Cappelli, Dee H. Andrews, Lynn A. Carroll, and Thomas D. Hull. "Combating the Insider Cyber Threat." IEEE Security & Privacy Magazine 6, no. 1 (2008): 61–64. http://dx.doi.org/10.1109/msp.2008.8.

34

Archuleta, Edmund G., and Jack Moyer. "Guarding Against the Insider Threat." Journal - American Water Works Association 101, no. 5 (May 2009): 38–44. http://dx.doi.org/10.1002/j.1551-8833.2009.tb09891.x.

35

Nicolaou, Andreas, Stavros Shiaeles, and Nick Savage. "Mitigating Insider Threats Using Bio-Inspired Models." Applied Sciences 10, no. 15 (July 22, 2020): 5046. http://dx.doi.org/10.3390/app10155046.

Abstract:
Insider threats have become a considerable information security issue that governments and organizations must face. The implementation of security policies and procedures may not be enough to protect organizational assets. Even with the evolution of information and network security technology, the threat from insiders is increasing. Many researchers are approaching this issue with various methods in order to develop a model that will help organizations to reduce their exposure to the threat and prevent damage to their assets. In this paper, we approach the insider threat problem and attempt to mitigate it by developing a machine learning model based on Bio-inspired computing. The model was developed by using an existing unsupervised learning algorithm for anomaly detection and we fitted the model to a synthetic dataset to detect outliers. We explore swarm intelligence algorithms and their performance on feature selection optimization for improving the performance of the machine learning model. The results show that swarm intelligence algorithms perform well on feature selection optimization and the generated, near-optimal, subset of features has a similar performance to the original one.
36

Gaiduk, K. A., and A. Y. Iskhakov. "Using machine learning techniques for insider threat detection." Herald of the Siberian State University of Telecommunications and Informatics 16, no. 4 (December 4, 2022): 80–95. http://dx.doi.org/10.55648/1998-6920-2022-16-4-80-95.

Abstract:
This paper presents an analysis of algorithms and approaches used to solve the problem of identifying insider threats using machine learning techniques. Internal threat detection in the context of this research is reduced to the task of detecting anomalies in the audit logs of access subjects' actions. The paper formalizes the main directions of insider threats detection and presents popular machine learning algorithms. The paper raises the problem of objective evaluation of research and development in the subject area. Based on the analysis recommendations for the implementation of internal threat detection systems using machine learning algorithms are developed.
37

Gayathri, R. G., Atul Sajjanhar, and Yong Xiang. "Image-Based Feature Representation for Insider Threat Classification." Applied Sciences 10, no. 14 (July 18, 2020): 4945. http://dx.doi.org/10.3390/app10144945.

Abstract:
Cybersecurity attacks can arise from internal and external sources. The attacks perpetrated by internal sources are also referred to as insider threats. These are a cause of serious concern to organizations because of the significant damage that can be inflicted by malicious insiders. In this paper, we propose an approach for insider threat classification which is motivated by the effectiveness of pre-trained deep convolutional neural networks (DCNNs) for image classification. In the proposed approach, we extract features from usage patterns of insiders and represent these features as images. Hence, images are used to represent the resource access patterns of the employees within an organization. After construction of images, we use pre-trained DCNNs for anomaly detection, with the aim to identify malicious insiders. Random under sampling is used for reducing the class imbalance issue. The proposed approach is evaluated using the MobileNetV2, VGG19, and ResNet50 pre-trained models, and a benchmark dataset. Experimental results show that the proposed method is effective and outperforms other state-of-the-art methods.
38

Itai, Yaya, and Emmanuel Onwubiko. "Combating insider fraud in Financial Institutions/impact." INTERNATIONAL JOURNAL OF MANAGEMENT & INFORMATION TECHNOLOGY 14 (January 17, 2019): 3351–58. http://dx.doi.org/10.24297/ijmit.v14i0.8010.

Abstract:
The fear of fraud is constant. Unfortunately, now more than ever before, fraud is being committed by employees on the inside, the very people who are supposed to be supporting and protecting an organization. Even though the financial industry is one of the most regulated, financial institutions are still getting with the highest rate of internal fraud. Insider threat has always existed within each Financial Institution. In recent years, insider threat has become a more prominent issue because of the emerging trends in the workplace. This change to a more flexible and productive workplace environment allows employees to easily gain access to an organization’s critical and sensitive information. While the risk of insider threat has certainly increased, Financial Institutions have not deployed enough controls to mitigate this risk either because they believe that the frequency of such threat is very low or because they feel powerless to do so. This paper tends to employ techniques that would abate the spate of Insider fraud and cybercrime on customer transactions and insider processing which is in full compliance with most regulatory mandate of Countries Government bank.
39

Franqueira, Virginia N. L., André van Cleeff, Pascal van Eck, and Roel J. Wieringa. "Engineering Security Agreements Against External Insider Threat." Information Resources Management Journal 26, no. 4 (October 2013): 66–91. http://dx.doi.org/10.4018/irmj.2013100104.

Abstract:
Companies are increasingly engaging in complex inter-organisational networks of business and trading partners, service and managed security providers to run their operations. Therefore, it is now common to outsource critical business processes and to completely move IT resources to the custody of third parties. Such extended enterprises create individuals who are neither completely insiders nor outsiders of a company, requiring new solutions to mitigate the security threat they cause. This paper improves the method introduced in Franqueira et al. (2012) for the analysis of such threat to support negotiation of security agreements in B2B contracts. The method, illustrated via a manufacturer-retailer example, has three main ingredients: modelling to scope the analysis and to identify external insider roles, access matrix to obtain need-to-know requirements, and reverse-engineering of security best practices to analyse both pose-threat and enforce-security perspectives of external insider roles. The paper also proposes future research directions to overcome challenges identified.
40

Park, Won, Youngin You, and Kyungho Lee. "Detecting Potential Insider Threat: Analyzing Insiders’ Sentiment Exposed in Social Media." Security and Communication Networks 2018 (July 18, 2018): 1–8. http://dx.doi.org/10.1155/2018/7243296.

Abstract:
In the era of Internet of Things (IoT), impact of social media is increasing gradually. With the huge progress in the IoT device, insider threat is becoming much more dangerous. Trying to find what kind of people are at high risk for the organization, about one million tweets were analyzed by sentiment analysis methodology. Dataset made by the web service “Sentiment140” was used to find possible malicious insiders. Based on the analysis of the sentiment level, users with negative sentiments were classified by the criteria and then selected as possible malicious insiders according to the threat level. Machine learning algorithms in the open-sourced machine learning software “Weka (Waikato Environment for Knowledge Analysis)” were used to find the possible malicious insiders. Decision Tree had the highest accuracy among supervised learning algorithms and K-Means had the highest accuracy among unsupervised learning. In addition, we extract the frequently used words from the topic modeling technique and then verified the analysis results by matching them to the information security compliance elements. These findings can contribute to achieving higher detection accuracy by combining individual’s characteristics to the previous studies such as analyzing system behavior.
41

PARVEEN, PALLABI, NATHAN MCDANIEL, ZACKARY WEGER, JONATHAN EVANS, BHAVANI THURAISINGHAM, KEVIN HAMLEN, and LATIFUR KHAN. "EVOLVING INSIDER THREAT DETECTION STREAM MINING PERSPECTIVE." International Journal on Artificial Intelligence Tools 22, no. 05 (October 2013): 1360013. http://dx.doi.org/10.1142/s0218213013600130.

Abstract:
Evidence of malicious insider activity is often buried within large data streams, such as system logs accumulated over months or years. Ensemble-based stream mining leverages multiple classification models to achieve highly accurate anomaly detection in such streams, even when the stream is unbounded, evolving, and unlabeled. This makes the approach effective for identifying insider threats who attempt to conceal their activities by varying their behaviors over time. This paper applies ensemble-based stream mining, supervised and unsupervised learning, and graph-based anomaly detection to the problem of insider threat detection. It demonstrates that the ensemble-based approach is significantly more effective than traditional single-model methods, supervised learning outperforms unsupervised learning, and increasing the cost of false negatives correlates to higher accuracy. Future work will consider a wider range of tunable parameters in an effort to further reduce false positives, include a more sophisticated polling algorithm for weighting better models, and implement parallelization to lower runtimes to more rapidly detect emerging insider threats.
42

Idris, Ismaila, and Adeleke Nafisa Damilola. "Systematic Literature Review and Metadata Analysis of Insider Threat Detection Mechanism." International Journal of Computer Science and Mobile Computing 12, no. 4 (April 30, 2023): 60–88. http://dx.doi.org/10.47760/ijcsmc.2023.v12i04.007.

Abstract:
Insider threat refers to the risk caused to an organization's security, assets, or data by individuals who have authorized access to these resources, such as employees, contractors, or partners. The aim of an insider threat is usually to exploit their access to sensitive information or systems to carry out malicious activities, such as stealing intellectual property, financial data, or sensitive information, sabotaging systems, or processes, or committing fraud. This systematic literature analysed the anatomy of insider threat, including its trends and mode of attacks to find the possible solutions by querying various academic literature. Sources of insider threat dataset are revealed in this review paper to ease the challenges of researchers in getting access to insider datasets. In addition, a taxonomy of insider threat current trends is presented in the paper. This review can serve as a benchmark for researchers in proposing a novel insider threat detection methodology and starting point for novice researchers.
43

Abu Bakar, Rahimah, Bahbibi Rahmatullah, Erni Munastiwi, and Omar Dheyab. "A confirmatory analysis of the prevention insider threat in organization information system." Journal of Technology and Humanities 2, no. 1 (May 19, 2021): 20–30. http://dx.doi.org/10.53797/jthkkss.v2i1.3.2021.

Abstract:
Many issues related to insider threat in organizations have been debated ever since. Although insider attacks may not occur as frequently as external attacks, they have a higher rate of success, go undetected, and pose a much greater risk than external adversaries. In relation to that, it is undeniably a fact that many mechanisms have been proposed to be an initiative to protect data from outside attacks. However, those mechanisms could not protect data from authorized users who may misuse their privileges. Due to those circumstances, the development of mechanisms that protect sensitive data from insiders somehow become pitch demand as in method to prevent harm caused by malicious insiders. The method of this research is the quantitative method using a questionnaire. The findings have contributed to developing a framework that will be used to prevent insider threat in an organization in the future.
44

KumarMandal, Kunal, and Debayan Chatterjee. "Insider Threat Mitigation in Cloud Computing." International Journal of Computer Applications 120, no. 20 (June 18, 2015): 7–11. http://dx.doi.org/10.5120/21341-4352.

45

Steele, Sean, and Chris Wargo. "An Introduction to Insider Threat Management." Information Systems Security 16, no. 1 (March 28, 2007): 23–33. http://dx.doi.org/10.1080/10658980601051334.

46

Santos, Eugene, Hien Nguyen, Fei Yu, Keum Joo Kim, Deqing Li, John T. Wilkinson, Adam Olson, Jacob Russell, and Brittany Clark. "Intelligence Analyses and the Insider Threat." IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans 42, no. 2 (March 2012): 331–47. http://dx.doi.org/10.1109/tsmca.2011.2162500.

47

Oladimeji, T. O., C. K. Ayo, and S. E. Adewumi. "Review on Insider Threat Detection Techniques." Journal of Physics: Conference Series 1299 (August 2019): 012046. http://dx.doi.org/10.1088/1742-6596/1299/1/012046.

48

Galdies, Peter. "The insider threat to data assets." Journal of Direct, Data and Digital Marketing Practice 15, no. 3 (January 2014): 197–200. http://dx.doi.org/10.1057/dddmp.2014.2.

49

Walton, Richard, and Walton-Mackenzie Limited. "Balancing the insider and outsider threat." Computer Fraud & Security 2006, no. 11 (November 2006): 8–11. http://dx.doi.org/10.1016/s1361-3723(06)70440-7.

50

Bunyitai, Ákos. "Insider Threat Mitigation in High Security Facilities." Nemzetbiztonsági Szemle 11, no. 1 (May 16, 2023): 49–61. http://dx.doi.org/10.32561/nsz.2023.1.4.

Abstract:
The biggest challenge for the security in high security facilities is the insider threat, humans as the weakest link of the system. The insider is an invisible enemy of the security, because it has unique capabilities. Although perfect security cannot exist, the aim of the present study – besides showing the threat represented by insider offenders – is to introduce the measures for risk mitigation.