Visible to the public Modeling of Insider Threat using Enterprise Automaton

TitleModeling of Insider Threat using Enterprise Automaton
Publication TypeConference Paper
Year of Publication2018
AuthorsRoy, P., Mazumdar, C.
Conference Name2018 Fifth International Conference on Emerging Applications of Information Technology (EAIT)
Keywordsattack detection, authorisation, authorized privileges, Automata, business data processing, Computational modeling, data privacy, enterprise automaton, Enterprise process, Human Behavior, insider, insider agents, insider attacker, insider threat, insider threat modeling, Metrics, nonhuman agents, novel unified model, Organizations, policy-based governance, privacy issues, psycho-social behaviors, pubcrawl, resilience, Resiliency, security, security management, Silicon, Task Analysis
AbstractSubstantial portions of attacks on the security of enterprises are perpetrated by Insiders having authorized privileges. Thus insider threat and attack detection is an important aspect of Security management. In the published literature, efforts are on to model the insider threats based on the behavioral traits of employees. The psycho-social behaviors are hard to encode in the software systems. Also, in some cases, there are privacy issues involved. In this paper, the human and non-human agents in a system are described in a novel unified model. The enterprise is described as an automaton and its states are classified secure, safe, unsafe and compromised. The insider agents and threats are modeled on the basis of the automaton and the model is validated using a case study.
Citation Keyroy_modeling_2018