Towards an insider threat prediction specification language

Information Management and Computer Security

Volumn 14, Issue 4, 2006, Pages 361-381

  Magklaras, G B ^a   Furnell, S M ^a   Brooke, P J ^b  

^a UNIVERSITY OF PLYMOUTH   (United Kingdom)

^b TEESSIDE UNIVERSITY   (United Kingdom)

Author keywords

Data security; Information systems

Indexed keywords

COMPUTER HARDWARE DESCRIPTION LANGUAGES; INFORMATION TECHNOLOGY; SEMANTICS;

INFORMATION SECURITY SURVAY; INFORMATION SYSTEMS; LANGUAGE SEMANTICS; MITIGATION FRAMEWORKS;

SECURITY OF DATA;

EID: 33746645281     PISSN: 09685227     EISSN: None     Source Type: Journal    
DOI: 10.1108/09685220610690826     Document Type: Article

References (34)

1. Aslam, T., Krsul, I. and Spafford, E. (1996), "Use of a taxonomy of security faults", Technical Report TR-96-051, COAST Laboratory, Department of Computer Sciences, Purdue University, IN.
2. Bach, M. (1986), The Design of the UNIX Operating System, Prentice-Hall, Englewood Cliffs, NJ.
3. Beale, J., Foster, J.C. and Posluns, J. (2003), Snort 2.0 Intrusion Detection, Syngress Publishing, Rockland, MA.
4. Caelli, W., Longley, D. and Shain, M. (1991), Information Security Handbook, Stockton Press, New York, NY.
5. CNN.com (2002), "The case against Robert Hanssen", available at: http://edition.cnn.com/SPECIALS/2001/hanssen/.
6. Consel, C. (2004), "From a program family to a domain-specific language", in Lengauer, C., Batory, D., Consel, C. and Odersky, M. (Eds), Domain-Specific Program Generation, Lecture Notes in Computer Science 3016, Springer-Verlag, New York, NY, pp. 19-29.
7. Curry, D., Debar, H. and Feinstein, B. (2004), "The intrusion detection message exchange format", internet draft, Intrusion Detection Exchange Format Working Group, Internet Engineering Task Force, 8 July.
8. Doyle, J. (1999), Some Representational Limitations of the Common Intrusion Specification Language, Laboratory for Computer Science, Massachusetts Institute of Technology, Cambridge, MA, November.
9. Endorf, C., Schultz, E. and Mellander, J. (2003), Intrusion Detection and Prevention: The Authorative Guide to Detecting Malicious Activity, McGraw Hill, New York, NY.
10. Feiertag, R., Kahn, C., Porras, P., Schnackenberg, D., Staniford-Chen, S. and Tung, B. (1999), "A common intrusion specification language (CISL)", available at: www.isi.edu/~brian/cidf/drafts/ language.txt, 11 June.
11. Feinstein, B., Matthews, G. and White, J. (2002), "The intrusion detection exchange protocol (IDXP)", Internet Draft, Intrusion Detection Exchange Format Working Group, Internet Engineering Task Force, 22 April 2003, available at: www.ietf.org/internet-drafts/ draft-ietf-idwg-beep-idxp-07.txt.
12. Frykholm, N. (2000), "Countermeasures against buffer overflow attacks", White Paper, RSA Laboratories.
13. Furnell, S., Magklaras, G., Papadaki, M. and Dowland, P. (2001), "A generic taxonomy for intrusion specification and response", Proceedings of Euromedia 2001, Valencia, Spain, 18-20 April 2001, pp. 125-31.
14. Gibbons, R. (1992), A Primer in Game Theory, Prentice-Hall, Englewood Cliffs, NJ.
15. Helbig, K. (1993) Modelling the Earth for Oil Exploration: Final Report of the CEC's Geoscience I Program 1990-1993, Pergamon Publishing, Oxford.
16. Magklaras, G. (2005), "An architecture for insider misuse threat prediction in IT systems", MPhil Thesis, School of Computing, Communications and Electronics, University of Plymouth, Plymouth.
17. Magklaras, G. and Furnell, S. (2002), "Insider threat prediction tool: evaluating the probability of IT misuse", Computers & Security, Vol. 21 No. 1, pp. 62-73.
18. Magklaras, G. and Furnell, S. (2004), "The insider misuse threat survey: Investigating IT misuse from legitimate users", Proceedings of the 5th Australian Information Warfare & Security Conference, Perth Western Australia, 25-26 November 2004, pp. 42-51.
19. Moore, D., Voelker, G. and Savage, S. (2001), "Inferring internet denial of service activity", Proceedings of the 10th USENIX Security Symposium, Washington DC, August 2001, pp. 9-22.
20. NSTISSAM (1999), The Insider Threat To US Government Information Systems, NSTISSAM INFOSEC/1-99, US National Security Telecommunications And Information Systems Security Committee, available at: www.cnss.gov/ Assets/pdf/nstissam_infosec_1-99.pdf.
21. Pfleeger, C. and Pfleeger, S. (2003), Security in Computing, 3rd ed., Prentice-Hall, Englewood Cliffs, NJ.
22. Postel, J. and Reynolds, J. (1983), "TELNET protocol specification", Request For Comments (RFC) 854, IETF Network Working Group, May.
23. PWC (2004) Information Security Breaches Survey 2004 - Technical Report, available at: www.pwc.com/images/gx/eng/about/svcs/grms/ 2004Technical_Report.pdf.
24. Richardson, R. (2003), "2003 CSI/FBI computer crime and security survey", Computer Security Institute. Spring.
25. Richter, J. (1997), Advanced Windows, Microsoft Press, Redmond, DC.
26. Schultz, E.E. (2002), "A framework for understanding and predicting insider attacks", Computers & Security, Vol. 21 No. 6, pp. 526-31.
27. Sharda, N. (1999), Multimedia Information Networking, Chapter 12, Prentice-Hall, Englewood Cliffs, NJ.
28. Slashdot (2001), "Spying and technology: Robert Philip Hanssen", posting on Slashdot.org, 22 February 2001, available at: http://slashdot.org/articles/01/02/22/0622249.shtml.
29. Tuglular, T. (2000), "A preliminary structural approach to insider computer misuse incidents", EICAR 2000 Best Paper Proceedings, pp. 105-25.
30. W3C (2006), "Extensible markup language, architecture domain, world wide web consortium (W3C)", available at: www.w3.org/XML/.
31. Wood, B. (2000), "An insider threat model for adversary simulation", SRI International, Research on Mitigating the Insider Threat to Information Systems - #2 Proceedings of a Workshop Held by RAND, August 2000.
32. Ylonen, T. (1995), "The SSH (secure shell) remote login protocol", Internet Draft, IETF Network Working Group, 15 November 1995, available at: www.free.lp.se/fish/rfc.txt.
33. Ziegler, R. (2002), LINUX Firewalls, 2nd ed., Chapter 2, New Riders Publishing, Indianapolis, IN, pp. 48-50.
34. Zwicky, E.D., Cooper, S. and Chapman, D.B. (2000), "Building Internet Firewalls", 2nd ed., O'Reilly & Associates, Sebastopol, CA.