Assessment of insider attack with learning statistics methods
The popularity of mobile devices, wearable devices used in collaborative information systems, has dramatically exploded over the past decade. Thus, we understand that in ordinary office, a single person can use plenty of active interfaces like wireless data transfer interfaces, which can help, among direct usage, strengthen access control and information security subsystem. Despite the fact that enterprises quite rightly develop controls and prevention techniques to combat cyberattacks, threats from users within the corporate network pose a significant risk to information assets. Existing users with accounts, permissions and access required to perform their jobs are increasingly becoming a major risk to information security through account misuse, data loss and fraudulent activities. This article reviews the definition of an insider threat and its impact, and provides an overview of the techniques to control and remediate these threats.
Keywords: insider threat, integrity, BYOD, vulnerability.
Zegzhda, P.D., Rudina, Е.А. (2008), Osnovy informatcionnoi bezopasnosti [Basic Information Security], Polytechnic Institute Publ., Snt. Ptrsb., 224 p.
Skiba, V.Y., Kurbatov, V.A. (2008), Rukovodstvo po zashchite ot vnutrennikh ugroz informatcionnoi bezopasnosti [Inside threat prevention manual], Piter Publ., Snt. Ptrsb., 320 p.
Stolfo, S. J., Bellovin, S. M. (2008), Shlomo Hershkop: Insider Attack and Cyber Security Beyond the Hacker, Springer Publ., California, 223 p.
ISSN 2411-1031 (Print), ISSN 2518-1033 (Online)