Sciweavers

COMPSEC
2002

A framework for understanding and predicting insider attacks

In this paper an insider attack is considered to be deliberate misuse by those who are authorized to use computers and networks. Applying this definition in real-life settings to determine whether or not an attack was caused by an insider is often, however, anything but straightforward. We know very little about insider attacks, and misconceptions concerning insider attacks abound. The belief that "most attacks come from inside" is held by many information security professionals, for example, even though empirical statistics and firewall logs indicate otherwise. This paper presents a framework based on previous studies and models of insider behavior as well as firsthand experience in dealing with insider attacks. This framework defines relevant types of insider attack-related behaviors and symptoms--"indicators" that include deliberate markers, meaningful errors, preparatory behaviors, correlated usage patterns, verbal behavior and personality traits. From these se...
E. Eugene Schultz
Added 18 Dec 2010
Updated 18 Dec 2010
Type Journal
Year 2002
Where COMPSEC
Authors E. Eugene Schultz