Mitigating Insider Threat and Avoiding Unauthorized Knowledge Acquirement Using Acquaintance Based Threat Prediction Graph
暂无分享,去创建一个
An Insider Threat is a malicious threat to an organization it actually comes from people within the organization, such as employees, former employees, contractors or business associates, who have access to the confidential information of the organization. The paper characterizes various types of dependencies as well as constraints on dependencies that may be used by insiders to deduce unauthorized information. It pioneers the constraint and dependency graph (CDG) that characterizes dependencies and constraints. Additionally, CDG shows the paths that insiders can track to acquire unauthorized knowledge. In addition, the paper presents the acquaintance graph (AG) that reveals the knowledgebase of an insider and the amount of information that the insider has about data items. To forecast and prevent insider threat, the paper characterizes and uses the threat prediction graph (TPG). A TPG illustrates the threat prediction value (TPV) of each data item in insiders’ AG, where TPV is used to lift up an alert when an insider threat occurs.