Aspects of Insider Threats
The insider threat has received considerable attention, and is often cited as the most serious security problem. It is also considered the most difficult problem to deal with, because an “insider” has information and capabilities not known to external attackers. The difficulty in handling the insider threat is reasonable under those circumstances; if one cannot define a problem precisely, how can one approach a solution, let alone know when the problem is solved? This chapter presents some aspects of insider threats, collected at an inter-disciplinary workshop in 2008.
Unable to display preview. Download preview PDF.
- 1.Binney v. Banner Therapy Products, 631 S.E. 2d 848, 850. North Carolina Court of Appeals (2006)Google Scholar
- 2.Bishop, M.: The Insider Problem Revisited. In: Proceedings of the New Security Paradigms Workshop 2005. ACM Press, Lake Arrowhead, CA, USA (2005)Google Scholar
- 3.Bishop, M., Engle, S., Peisert, S., Whalen, T., Gates, C.: Case studies of an insider framework. In: Proceedings of the 42nd Hawaii International Conference on System Sciences (HICSS) (2009)Google Scholar
- 4.Brackney, R.C., Anderson, R.H.: Understanding the insider threat : proceedings of a March 2004 workshop. RAND, Santa Monica, CA : (2004)Google Scholar
- 5.Cappelli, D.M., Moore, A.P., Shaw, E.D.: A Risk Mitigation Model: Lessons Learned From Actual Insider Sabotage. In: Computer Security Institute, 33rd Annual Computer Security Conference and Exhibition (2006)Google Scholar
- 6.Carlson, A.: The unifying policy hierarchy model. Master’s thesis, Department of Computer Science, University of California, Davis (2006)Google Scholar
- 7.Cha, A.E.: Even spies embrace china’s free market. Washington Post, February 15, 2008. Available from http://www.washingtonpost.com/wp-dyn/content/ article/2008/02/14/AR2008 0214 03550.html, last visited March 2010.
- 8.Hawley, C.: The liechtenstein connection—massive tax evasion scandal in germany. Spiegel Online International, 18 February 2008. Available from http://www.spiegel.de/ international/business/0, 1518, 5357 68, 00.html, last visited March 13, 2009.
- 9.Homepage of Dagstuhl Seminar 08302: "Countering Insider Threats". Available from http: //www.dagstuhl.de/08302, last visited December 4, 2008 (2008)
- 10.Keating, D.: Tax suspects guidance on software left d.c. at risk. Washington Post (2008)Google Scholar
- 11.Kirk, J.: Homeland security e-mail server turns into spam cannon. InfoWorld.com, October 4, 2007. Available from http://www.infoworld.com/d/security-central/ homeland-security-e-mail-server-turns-spam-cannon- 924, last visited March 2010.
- 12.Patzakis, J.: New incident response best practices: Patch and proceed is no longer acceptable incident response procedure. White Paper, Guidance Software, Pasadena, CA (2003)Google Scholar
- 13.Pfleeger, S.L., Stolfo, S.J.: Addressing the insider threat. IEEE Security and Privacy 7, 10–13 (2009). DOI http://doi.ieeecomputersociety.org/10.1109/MSP.2009.146 CrossRefGoogle Scholar
- 14.Predd, J., Pfleeger, S.L., Hunker, J., Bulford, C.: Insiders behaving badly. IEEE Security and Privacy 6, 66–70 (2008). DOI http://doi.ieeecomputersociety.org/10.1109/MSP.2008.87 Google Scholar
- 15.Schwartz, N.D., Bennhold, K.: A trader’s secrets, a bank’s missteps. New York Times, 5 February 2009, New York, USA.Google Scholar
- 16.Probst, C.W., Hunker, J.: The Risk of Risk Analysis-Audits relation to the Economics of Insider Threats, Proc. of the Eighth Workshop on the Economics of Information Security (WEIS 2009), June 2009.Google Scholar