Insider Threat Analysis Using Information-Centric Modeling

14 years 5 months ago

Download www.cse.buffalo.edu

Capability acquisition graphs (CAGs) provide a powerful framework for modeling insider threats, network attacks and system vulnerabilities. However, CAG-based security modeling systems have yet to be deployed in practice. This paper demonstrates the feasibility of applying CAGs to insider threat analysis. In particular, it describes the design and operation of an information-centric, graphics-oriented tool called ICMAP. ICMAP enables an analyst without any theoretical background to apply CAGs to answer security questions about vulnerabilities and likely attack scenarios, as well as to monitor network nodes. This functionality makes the tool very useful for attack attribution and forensics.

Duc T. Ha, Shambhu J. Upadhyaya, Hung Q. Ngo, S. P

Real-time Traffic

CAG-based Security Modeling | Capability Acquisition Graphs | Communications | IFIP 2007 | Insider Threat |

claim paper

Post Info
More Details (n/a)

Added	08 Jun 2010
Updated	08 Jun 2010
Type	Conference
Year	2007
Where	IFIP
Authors	Duc T. Ha, Shambhu J. Upadhyaya, Hung Q. Ngo, S. Pramanik, Ramkumar Chinchani, Sunu Mathew

Comments (0)

Sciweavers

Insider Threat Analysis Using Information-Centric Modeling

CAG-based Security Modeling | Capability Acquisition Graphs | Communications | IFIP 2007 | Insider Threat |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers