Sciweavers

IFIP
2007
Springer

Insider Threat Analysis Using Information-Centric Modeling

14 years 5 months ago
Insider Threat Analysis Using Information-Centric Modeling
Capability acquisition graphs (CAGs) provide a powerful framework for modeling insider threats, network attacks and system vulnerabilities. However, CAG-based security modeling systems have yet to be deployed in practice. This paper demonstrates the feasibility of applying CAGs to insider threat analysis. In particular, it describes the design and operation of an information-centric, graphics-oriented tool called ICMAP. ICMAP enables an analyst without any theoretical background to apply CAGs to answer security questions about vulnerabilities and likely attack scenarios, as well as to monitor network nodes. This functionality makes the tool very useful for attack attribution and forensics.
Duc T. Ha, Shambhu J. Upadhyaya, Hung Q. Ngo, S. P
Added 08 Jun 2010
Updated 08 Jun 2010
Type Conference
Year 2007
Where IFIP
Authors Duc T. Ha, Shambhu J. Upadhyaya, Hung Q. Ngo, S. Pramanik, Ramkumar Chinchani, Sunu Mathew
Comments (0)