Sciweavers

HICSS
2009
IEEE

Case Studies of an Insider Framework

14 years 6 months ago
Case Studies of an Insider Framework
Many groups are interested in the insider threat problem, but the model generally used by all of these groups is implicitly binary—one is either within a perimeter or not. There is another model, however, that employs a graduated approach to defining insiders. This approach gives greater flexibility for considering many threats that are not traditionally captured by a model, such as the impact of social engineering attacks. This new definition enables more accurate and useful security policies to be implemented so that well-defined insiders can be deterred, detected, and analyzed. We examine the flexibility of this model in this paper through case studies, showing how the model captures both traditional insiders and social engineering attacks.
Matt Bishop, Sophie Engle, Sean Peisert, Sean Whal
Added 19 May 2010
Updated 19 May 2010
Type Conference
Year 2009
Where HICSS
Authors Matt Bishop, Sophie Engle, Sean Peisert, Sean Whalen, Carrie Gates
Comments (0)