|
Title:
|
THE INSIDER THREAT MINIMIZATION AND MITIGATION FRAMEWORK |
|
Author(s):
|
Ghassan (Gus) Jabbour and Jason J. Jabbour |
|
ISBN:
|
978-989-8704-27-6 |
|
Editors:
|
Miguel Baptista Nunes, Pedro IsaĆas and Philip Powell |
|
Year:
|
2021 |
|
Edition:
|
Single |
|
Keywords:
|
Insider Threat, Autonomous Computing, Self-Protection |
|
Type:
|
Full |
|
First Page:
|
69 |
|
Last Page:
|
77 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
Countering the insider threat is a difficult and daunting task. Organizations concerned with the problem usually train their
employees on security-related matters, rules of behavior policies, and the consequences of committing criminal activities.
More technically-oriented solutions include enhanced credentialing and access control, and the use of monitoring tools that
provide insight into the health and status of systems. This paper addresses the deficiency of widely-used monitoring tools
and strategies. It proposes a solution that equips a system with innate self-defense mechanisms that relieve the system from
having to rely on human intervention. The paper introduces the Insider Threat Minimization and Mitigation Framework.
The framework equips systems with self-defense mechanisms such that a system can instantaneously respond to potential
threats and defend itself against users who have unfettered access to it. The framework employs the autonomous demotion
of power users' access privileges based on analysis and evaluation of the user's risk level. The paper presents the details of
the proposed framework and simulates its effectiveness within a data center environment of mission-critical systems. |
|
|
|
|
|
|
