A method for insider threat assessment by modeling the internal employee interactions

  • Regular Contribution
International Journal of Information Security

Abstract

Insider threats to information security are one of the most critical issues in organizations. Because of their access to assets and their knowledge of the systems, insiders pose a significant threat to organizations. It is difficult to distinguish between the behavior of a normal employee and that of an anomalous one because of its complex nature. It is important to predict the potential for undesired behavior by an employee before a security failure takes place. An employee with a high degree of threat may try to influence other colleagues, encouraging them to behave improperly and cause an information security breach. Therefore, analyzing the relationships between colleagues and assessing the influence propagation of insider threats play an important role in the information security improvement process. This paper introduces an approach for modeling the relationships between colleagues to estimate the impact propagation of insider threats in organizations. The proposed approach has two main phases. In the first phase, the potential threat level of the organization’s employees is evaluated using the questionnaire on human and organizational factors of information security. In the second phase, the influence propagation of threats is estimated by modeling the employees’ relationships. The introduced model is based on a directed graph structure and is parameterized by the employees’ threat values obtained from the first phase of the presented approach. We want to investigate how the malicious or unacceptable behavior of an employee may affect the behavior of other employees, and how we can model and evaluate this issue.

Data availability

Data supporting the findings of this study are available on our public GitHub [23] repository.

References

  1. AlHogail, A.: Design and validation of information security culture framework. Comput. Hum. Behav. 49, 567–575 (2015)

  2. McCormac, A., Zwaans, T., Parsons, K., Calic, D., Butavicius, M., Pattinson, M.: Individual differences and information security awareness. Comput. Hum. Behav. 69, 151–156 (2017)

  3. Tolah, A., Furnell, S.M., Papadaki, M.: An empirical analysis of the information security culture key factors framework. Comput. Secur. 108, 102354 (2021)

  4. Parsons, K., Calic, D., Pattinson, M., Butavicius, M., McCormac, A., Zwaans, T.: The human aspects of information security questionnaire (HAIS-Q): two further validation studies. Comput. Secur. 66, 40–51 (2017)

  5. Ning, X., Jiang, J.: Defense-in-depth against insider attacks in cyber-physical systems. Internet Things Cyber-Phys. Syst. 2, 203–211 (2022)

  6. Orojloo, H., Azgomi, M.A.: A method for evaluating the consequence propagation of security attacks in cyber–physical systems. Futur. Gener. Comput. Syst. 67, 57–71 (2017)

  7. Humayed, A., Lin, J., Li, F., Luo, B.: Cyber-physical systems security—A survey. IEEE Internet Things J. 4(6), 1802–1831 (2017)

  8. Safa, N.S., Maple, C., Furnell, S., Azad, M.A., Perera, C., Dabbagh, M., Sookhak, M.: Deterrence and prevention-based model to mitigate information security insider threats in organisations. Futur. Gener. Comput. Syst. 97, 587–597 (2019)

  9. Al-Mhiqani, M.N., Ahmad, R., Abidin, Z.Z., Abdulkareem, K.H., Mohammed, M.A., Gupta, D., Shankar, K.: A new intelligent multilayer framework for insider threat detection. Comput. Electr. Eng. 97, 107597 (2022)

  10. Kim, K.N., Yim, M.S., Schneider, E.: A study of insider threat in nuclear security analysis using game theoretic modeling. Ann. Nucl. Energy 108, 301–309 (2017)

  11. Happa, J.: Insider-threat detection using gaussian mixture models and sensitivity profiles. Comput. Secur. 77, 838–859 (2018)

  12. Elmrabit, N., Yang, S.H., Yang, L., Zhou, H.: Insider threat risk prediction based on Bayesian network. Comput. Secur. 96, 101908 (2020)

  13. Alhajjar, E., Bradley, T.: Survival analysis for insider threat: detecting insider threat incidents using survival analysis techniques. Computational and Mathematical Organization Theory (2021)

  14. Shamala, P., Ahmad, R., Zolait, A., Sedek, M.: Integrating information quality dimensions into information security risk management (ISRM). J. Inf. Secur. Appl. 36, 1–10 (2017)

  15. Kim, J.Y., Kwon, H.Y.: Threat classification model for security information event management focusing on model efficiency. Comput. Secur. 102789 (2022)

  16. Wiley, A., McCormac, A., Calic, D.: More than the individual: examining the relationship between culture and information security awareness. Comput. Secur. 88, 101640 (2020)

  17. Figueira, P.T., Bravoand, C.L., López, J.L.R.: Improving information security risk analysis by including threat-occurrence predictive models. Comput. Secur. 88, 101609 (2020)

  18. Safa, N.S., Von Solms, R.: An information security knowledge sharing model in organizations. Comput. Hum. Behav. 57, 442–451 (2016)

  19. Thangavelu, M., Krishnaswamy, V., Sharma, M.: Impact of comprehensive information security awareness and cognitive characteristics on security incident management–an empirical study. Comput. Secur. 109, 102401 (2021)

  20. Nazareth, D.L., Choi, J.: A system dynamics model for information security management. Inf. Manag. 52(1), 123–134 (2015)

  21. Yoon, K.: A reconciliation among discrete compromise solutions. J. Oper. Res. Soc. 38, 277–286 (1987)

  22. Junior, F.R.L., Osiro, L., Carpinetti, L.C.R.: A comparison between Fuzzy AHP and Fuzzy TOPSIS methods to supplier selection. Appl. Soft Comput. 21, 194–209 (2014)

  23. https://github.com/Sepehrzadeh/ThreatAssessmentPaper

Funding

No funding was received for this research.

Author information

Contributions

All the preparation steps of the article were done by me.

Corresponding author

Correspondence to Hamed Sepehrzadeh.

Ethics declarations

Conflict of interest

All of the authors declare that they have no conflict of interest.

About this article

Cite this article

Sepehrzadeh, H. A method for insider threat assessment by modeling the internal employee interactions. Int. J. Inf. Secur. 22, 1385–1393 (2023). https://doi.org/10.1007/s10207-023-00697-9

  • DOI: https://doi.org/10.1007/s10207-023-00697-9
