Chen, Taolue and Han, Tingting and Kammueller, F. and Nemli, I. and Probst, C.W. (2016) Model based analysis of insider threats. In: UNSPECIFIED (ed.) Cyber Security And Protection Of Digital Services (Cyber Security), 2016 International Conference On. IEEE Computer Society. ISBN 9781509007097.
Text
ci_extendedabstract_25.pdf - Author's Accepted Manuscript Restricted to Repository staff only Download (310kB) | Request a copy |
Abstract
In order to detect malicious insider attacks it is important to model and analyse infrastructures and policies of organisations and the insiders acting within them. We extend formal approaches that allow modelling such scenarios by quantitative aspects to enable a precise analysis of security designs. Our framework enables evaluating the risks of an insider attack to happen quantitatively. The framework first identifies an insider’s intention to perform an inside attack, using Bayesian networks, and in a second phase computes the probability of success for an inside attack by this actor, using probabilistic model checking. We provide prototype tool support using Matlab for Bayesian networks and PRISM for the analysis of Markov decision processes, and validate the framework with case studies.
Metadata
Item Type: | Book Section |
---|---|
Additional Information: | 13-14 June 2016. |
School: | Birkbeck Faculties and Schools > Faculty of Science > School of Computing and Mathematical Sciences |
Research Centres and Institutes: | Data Analytics, Birkbeck Institute for |
Depositing User: | Dr Tingting Han |
Date Deposited: | 21 Apr 2016 13:38 |
Last Modified: | 09 Aug 2023 12:38 |
URI: | https://eprints.bbk.ac.uk/id/eprint/14964 |
Statistics
Additional statistics are available via IRStats2.