Insider threat behavior factors: A comparison of theory with reported incidents

Proceedings of the Annual Hawaii International Conference on System Sciences

Volumn , Issue , 2012, Pages 2402-2411

  Munshi, Asmaa ^a   Dell, Peter ^a   Armstrong, Helen ^a  

^a CURTIN UNIVERSITY   (Australia)

Author keywords

[No Author keywords available]

Indexed keywords

LOSSES;

ACADEMIC LITERATURE; ACADEMIC RESEARCH; BEHAVIOR FACTOR; FINANCIAL LOSS; FUTURE RESEARCH DIRECTIONS; INSIDER THREAT;

EDUCATION;

EID: 84857929348     PISSN: 15301605     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/HICSS.2012.326     Document Type: Conference Paper

References (53)

1. Althebyan, Q., and B. Panda. 2007. A knowledge-base model for insider threat prediction. Proceedings of the 2007 IEEE Workshop on Information Assurance United States Military Academy, West Point: 229-246.
2. Althebyan, Q., and B. Panda. 2008. A Knowledge-Based Bayesian Model for Analyzing a System after an Insider Attack. In Proceedings of The IFIP TC 11 23rd International Information Security Conference, ed. S. Jajodia, P. Samarati and S. Cimato, 557-571. Springer Boston.
3. Band, S., D. M. Cappelli, L. Fischer, A. Moore, E. D. Shaw, and R. Trzeciak. 2006. Comparing Insider IT Sabotage and Espionage: A Model-Based Analysis. CERT Program and SoftwareE ngineering Institute.
4. Bellovin, S. M. 2008. The Insider Attack Problem Nature and Scope. In Insider Attack and Cyber Security, ed. S. J. Stolfo, S. M. Bellovin, A. D. Keromytis, S. Hershkop, S. W. Smith and S. Sinclair, 1-4. Springer US.
5. Besnard, D., and B. Arief. 2004. Computer Security Impaired by Legitimate Users.Computers & Security 23 (3): 253-264.
6. Bishop, M., S. Engle, S. Peisert, S. Whalen, and C. Gates. 2008. We have met the enemy and he is us. InP roceedings of the 2008 workshop on new security paradigms Lake Tahoe, California, USA.
7. Bloombecker, J. 1984 .In Computer Security: a Global Challenge Introduction to computer crime. North-Holland, Amsterdam: Elsevier Science Publishers(accessed
8. Cappelli, D., T. Caron, R. Trzeciak, and A. Moore. 2008. Spotlight On: Programming Techniques Used as an Insider Attack Tool
9. Cappelli, D., A. Moore, T. Shimeall, and R. Trzeciak. 2006 Common Sense Guide to Prevention and Detection of Insider Threats-Version 2.1. CyLab.
10. Cappelli, D., A. Moore, R. Trzeciak, and T. Shimeall. 2009. Common Sense Guide to Prevention and Detection of Insider Threats - Version 3.1. CERT Program, Software Engineering Institute and CyLab.
11. Chinchani, R., A. Iyer, H. Ngo, and S. Upadhyaya. 2005 Towards a theory of insider threat assessment. In IEEE International Conference. Washington, DC. IEEE Computer Society
12. Cohen, F. 2001. The New Cyber Gang - A Real Threat Profile.N etwork Security 2001 (5): 15-17.
13. Cole, E. 2008. Correlating SIM information to Detect Insider Threats A SANS Whitepaper SenSage. http://www.sans.org/reading-room/analysts-program/ SIMInfo-June07.pdf (accessed 8 Mar 2011).
14. Colwill, C. 2010. Human factors in information security: The insider threat - Who can you trust these days? Information Security Technical Report In Press, Corrected Proof
15. Contos, B. 2007. Insider threat monitoring is enhanced by asset relevance.Infosecurity 4 (2): 47-47.
16. Crinson, I. 2008. Assessing the insider-outsider threat' duality in the context of the development of public-private partnerships delivering choice' in healthcare services: A sociomaterial critique.I nformation Security Technical Report 13 (4): 202-206.
17. Dallaway, E. 2008. You're only human. Infosecurity 5 (6): 7-7.
18. Forester, T., and P. Morrison. 1994. Computer Ethics: Cautionary Tales and Ethical Dilemmas in Computing .2 nd ed. Cambridge: MIT Press.
19. Furnell, S. 2004. Enemies within: the problem of insider attacks.Computer Fraud & Security 2004 (7): 6-11.
20. Furnell, S. 2006. Malicious or misinformed? Exploring a contributor to the insider threat.Computer Fraud & Security 2006 (9): 8-12.
21. Fyffe, G. 2008. Addressing the insider threat. Network Security 2008 (3): 11-14.
22. Gonzalez, J., and A. Sawicka. 2002. A framework for human factors in information security. In 2002 WSEAS Int. Conf. on Information Security. Rio de Janeiro, Brazil.
23. Hanley, M., T. Dean, W. Schroeder, M. Houy, R. Trzeciak, and J. Montelibano. 2011. An Analysis of Technical Observations in Insider Theft of Intellectual Property Cases. CERT Program and Software Engineering Institute.
24. Hanley, M., A. Moore, D. Cappelli, and R. Trzeciak. 2009. Spotlight On: Malicious Insiders with Ties to the Internet Underground Community. Software Engineering Institute and CyLab.
25. Hayden, M. 1999. The insider threat to U. S. government information systems. National Security Telecommunications And Information Systems Security Committee.
26. Hitchings, J. 1995. Deficiencies of the traditional approach to information security and the requirements for a new methodology. Computers & Security 14 (5): 377-383.
27. Ho, S. M. 2008. Behavorial parameters of trustworthiness for countering insider threats. In The Third Annual iConference.
28. Hu, N., P. G. Bradford, and J. Liu. 2006. Applying role based access control and genetic algorithms to insider threat detection. In Proceedings of the 44th Annual ACM Southeast Regional Conference (ACM-SE). New York, USA. ACM.
29. Keeney, M., D. Cappelli, E. Kowalski, A. Moore, T. Shimeall, and S. Rogers. 2005. Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors. CERT Program and Software Engineering Institute.
30. Kemp, M. 2005. Barbarians inside the gates: addressing internal security threats. Network Security 2005 (6): 11-13.
31. Kowalski, E., D. Cappelli, and A. Moore. 2008. Insider Threat Study: Illicit Cyber Activity in the Information Technology and Telecommunications Sector. U.S. Secret Service and CERT/SEI.
32. Kowalski, E., T. Conway, S. Keverline, M. Williams, D. Cappelli, B. Willke, and A. Moore. 2008. Insider Threat Study: Illicit Cyber Activity in the Government Sector. U.S. Secret Service and CERT/SEI.
33. Liu, D., X. Wang, and J. Camp. 2008. Game-theoretic modeling and analysis of insider threats. International Journal of Critical Infrastructure Protection 1: 75-80.
34. Liu, D., X. Wang, and L. Camp. 2009. Mitigating Inadvertent Insider Threats with Incentives. In Financial Cryptography and Data Security, ed. R. Dingledine and P. Golle, 1-16. Springer Berlin / Heidelberg.
35. Magklaras, G. B., and S. M. Furnell. 2001. Insider Threat Prediction Tool: Evaluating the probability of IT misuse. Computers & Security 21 (1): 62-73.
36. Magklaras, G. B., and S. M. Furnell. 2005. A preliminary model of end user sophistication for insider threat prediction in IT systems. Computers & Security 24 (5): 371-380.
37. Martinez-Moyano, I., E. Rich, S. Conrad, D. Andersen, and T. Stewart. 2008. A behavioral theory of insider threat risks: a system dynamics approach. ACM Transactions on Modeling and Computer Simulation 18 (2): 1-27.
38. Martinez-Moyano, I., M. Samsa, J. Burke, and B. Akcam. 2008. Toward a generic model of security in an organizational context: exploring insider threats to information infrastructure. In Proceedings of the 41st Hawaii International Conference on System Sciences. Hawaii, USA. IEEE Xplore.
39. Moore, A., D. Cappelli, T. Caron, E. Shaw, and R. Trzeciak. 2009. Insider Theft of Intellectual Property for Business Advantage: A Preliminary Model. CERT Program, Software Engineering Institute and CyLab at Carnegie Mellon University.
40. Moore, A., D. Cappelli, and R. Trzeciak. 2008. The "Big Picture" of Insider IT Sabotage Across U.S. Critical Infrastructures. CERT Program and Software Engineering Institute.
41. Nykodym, N., R. Taylor, and J. Vilela. 2005. Criminal profiling and insider cyber crime. Digital Investigation 2 (4): 261-267.
42. Okolica, J., G. Peterson, and R. Mills. 2006. Using PLSI-U To Detect Insider Threats from Email Traffic. In Advances in Digital Forensics II, ed. M. Olivier and S. Shenoi, 91-103. Springer Boston.
43. Pfleeger, C. P. 2008. Reflections on the Insider Threat. In Insider Attack and Cyber Security, ed. S. J. Stolfo, S. M. Bellovin, A. D. Keromytis, S. Hershkop, S. W. Smith and S. Sinclair, 5-16. Springer US.
44. Pramanik, S., V. Sankaranarayanan, and S. Upadhyaya. 2004. Security policies to mitigate insider threat in the document control domain. In Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC'04). Washington, DC, USA. IEEE Computer Society
45. Randazzo, M., M. Keeney, E. Kowalski, D. Cappelli, and A. Moore. 2004. Illicit Cyber Activity in the Banking and Finance Sector. U.S. Secret Service and CERT/SEI.
46. Royds, J. 2009. Virtual battlefield. CIR Magazine.
47. Schultz, E. E. 2002. A framework for understanding and predicting insider attacks. Computers & Security 21 (6): 526-531.
48. Shaw, E., K. G. Ruby, and J. M. Post. 2005. The insider threat to information systems1. the psychology of the dangerous insider. Security Awareness Bulletin, No. 2-98.
49. Shaw, E. D. 2006. The role of behavioral research and profiling in malicious cyber insider investigations. Digital Investigation 3 (1): 20-31.
50. Spooner, D., D. Cappelli, A. Moore, and R. Trzeciak. 2009. Spotlight On: Insider Theft of Intellectual Property inside the U.S. Involving Foreign Governments or Organizations. CERT Program, Software Engineering Institute and CyLab.
51. Walker, T. 2008. Practical management of malicious insider threat - An enterprise CSIRT perspective. Information Security Technical Report 13 (4): 225-234.
52. Walton, R., and W.-M. Limited. 2006. Balancing the insider and outsider threat. Computer Fraud & Security 2006 (11): 8-11.
53. White, J., and B. Panda. 2009. Automatic Identification of Critical Data Items in a Database to Mitigate the Effects of Malicious Insiders. In Information Systems Security, ed. A. Prakash and I. Sen Gupta, 208-221. Springer Berlin / Heidelberg.