Automatic identification of critical data items in a database to mitigate the effects of malicious insiders

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 5905 LNCS, Issue , 2009, Pages 208-221

  White, Jonathan ^a   Panda, Brajendra ^a  

^a University of Arkansas   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

AUTOMATIC IDENTIFICATION; COMPUTER SYSTEM SECURITY; CRITICAL DATA; DATA DEPENDENCIES; DATA ITEMS; DATA SYSTEMS; DIRECTED GRAPHS; FUTURE TECHNOLOGIES; INSIDER THREAT; INTRUSION DETECTION SYSTEMS; MALICIOUS INSIDERS; MISSION CRITICAL; SECURITY ENGINEERS; SECURITY MEASURE;

AUTOMATION; COMPUTER CRIME; DATABASE SYSTEMS; ELECTRONIC DATA INTERCHANGE; INFORMATION SYSTEMS; INTRUSION DETECTION;

NETWORK SECURITY;

EID: 71549155293     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-10772-6_16     Document Type: Conference Paper

References (16)

1. Ray, I., Poolsappasit, N.: Using Attack Trees to Identify Malicious Attacks from Authorized Insiders. In: di Vimercati, S.d.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 231-246. Springer, Heidelberg (2005)
2. Hu, Y., Panda, B.: Identification of Malicious Transactions in Database Systems. In: 7th Intl. Database Engineering and App. Symposium (IDEAS 2003), p. 329 (2003)
3. Zuo, Y., Panda, B.: A Service Oriented System Based Information Flow Model for Damage Assessment. In: 6th IFIP WG 11.5 Working Conference on Integrity and Internal Control in Information Systems, Lausanne, Switzerland, November 13-14 (2003)
4. Cappelli, D., Moore, A., Shimeall, T., Trzeciak, R.: Common Sense Guide to Prevention and Detection of Insider Threats, Carnegie Mellon University (2008)
5. Insider Threat Integrated Process Team, Department of Defense (DoD-IPT), 2000. DoD Insider Threat Mitigation, U.S. Department of Defense (2000)
6. Anderson, R., Bozek, T., Logstaff, T., Meitzler, W., Skroch, M., Wyk, K.V.: Research on mitigating the insider threat to information sys., RAND Corporation Report CF-163 (2000)
7. Whitman, M.: Enemy at the Gate: Threats to Information Security. Communications of the ACM 46(8) (2003)
8. Abbadi, I., Alawneh, M.: Preventing Insider Information Leakage for Enterprises. In: Proceedings of the 2008 Second International Conference on Emerging Security Information, Systems and Technologies, pp. 99-106 (2008)
9. Anderson, R., Brackney, R.: Understanding the Insider Threat. In: Proceedings of a March 2004 Workshop, RAND National Defense Research Institute (2004)
10. Ha, D., Upadhyaya, S., Ngo, H., Pramanik, S., Chinchani, R., Mathew, S.: Insider Threat Analysis Using Information Centric Modeling. In: Craiger, P., Shenoi, S. (eds.) Advances in Digital Forensics III. Springer, Boston (2007)
11. Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.: Automated Generation and Analysis of Attack Graphs. In: Proc. IEEE Symposium on Sec. and Priv., Oakland (2002)
12. Cathey, R., Ma, L., Goharian, N., Grossman, D.: Misuse detection for information retrieval systems. In: CIKM 2003: Proceedings of the twelfth international conference on Information and knowledge management, New York, NY, USA, pp. 183-190 (2003)
13. White, J., Panda, B.: Implementing PII Honeytokens to Mitigate Against the Threat of Malicious Insiders. In: Proc. of the IEEE International Conference on Intelligence and Security Informatics (ISI 2009), Dallas, Texas, p. 233 (2009)
14. White, J., Panda, B., Yaseen, Q., Nguyen, K., Li, W.: Detecting Malicious Insider Threats using a Null Affinity Temporal Three Dimensional Matrix Relation. In: Proc. of the 7th Inl. Workshop on Security in Info. Sys (WOSIS 2009), Milan, pp. 93-102 (2009)
15. Meza, B., Burns, P., Eavenson, M., Palaniswami, D., Sheth, A.: An ontological approach to the document access problem of insider threat. In: Kantor, P., Muresan, G., Roberts, F., Zeng, D.D., Wang, F.-Y., Chen, H., Merkle, R.C. (eds.) ISI 2005. LNCS, vol. 3495, pp. 486-491. Springer, Heidelberg (2005)
16. Bradford, P., Brown, M., Perdue, J., Self, B.: Towards proactive computer-system forensics. In: Proceedings of ITCC, pp. 648-652 (2004)