Assessment of insider attack with learning statistics methods

Authors

  • Volodymyr Mokhor State institution «Institute of special communications and information security National technical university of Ukraine « Kyiv polytechnic institute», Kyiv,, Ukraine
  • Hryhorii Kravtsov Pukhov institute for modeling in energy engineering of National academy of sciences of Ukraine, Kyiv,, Ukraine
  • Ihor Kotsiuba Pukhov institute for modeling in energy engineering of National academy of sciences of Ukraine, Kyiv,, Ukraine

DOI:

https://doi.org/10.20535/2411-1031.2015.3.2.60881

Abstract

The popularity of mobile devices, wearable devices used in collaborative information systems, has dramatically exploded over the past decade. Thus, we understand that in ordinary office, a single person can use plenty of active interfaces like wireless data transfer interfaces, which can help, among direct usage, strengthen access control and information security subsystem. Despite the fact that enterprises quite rightly develop controls and prevention techniques to combat cyberattacks, threats from users within the corporate network pose a significant risk to information assets. Existing users with accounts, permissions and access required to perform their jobs are increasingly becoming a major risk to information security through account misuse, data loss and fraudulent activities. This article reviews the definition of an insider threat and its impact, and provides an overview of the techniques to control and remediate these threats.

Keywords: insider threat, integrity, BYOD, vulnerability.

Author Biographies

Volodymyr Mokhor, State institution «Institute of special communications and information security National technical university of Ukraine « Kyiv polytechnic institute», Kyiv,

doctor of technical sciences, professor,
head of academic department

Hryhorii Kravtsov, Pukhov institute for modeling in energy engineering of National academy of sciences of Ukraine, Kyiv,

candidate of technical sciences,
doctoral student

Ihor Kotsiuba, Pukhov institute for modeling in energy engineering of National academy of sciences of Ukraine, Kyiv,

postgraduate student

References

Zegzhda, P.D., Rudina, Е.А. (2008), Osnovy informatcionnoi bezopasnosti [Basic Information Security], Polytechnic Institute Publ., Snt. Ptrsb., 224 p.

Skiba, V.Y., Kurbatov, V.A. (2008), Rukovodstvo po zashchite ot vnutrennikh ugroz informatcionnoi bezopasnosti [Inside threat prevention manual], Piter Publ., Snt. Ptrsb., 320 p.

Stolfo, S. J., Bellovin, S. M. (2008), Shlomo Hershkop: Insider Attack and Cyber Security Beyond the Hacker, Springer Publ., California, 223 p.

Downloads

Published

2015-12-31

How to Cite

Mokhor, V., Kravtsov, H., & Kotsiuba, I. (2015). Assessment of insider attack with learning statistics methods. Collection "Information Technology and Security", 3(2), 88–95. https://doi.org/10.20535/2411-1031.2015.3.2.60881

Issue

Vol. 3 No. 2 (2015)

Section

INFORMATION SECURITY

License

Copyright (c) 2020 Collection "Information technology and security"

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The authors that are published in this collection, agree to the following terms:

  1. The authors reserve the right to authorship of their work and pass the collection right of first publication this work is licensed under the Creative Commons Attribution License, which allows others to freely distribute the published work with the obligatory reference to the authors of the original work and the first publication of the work in this collection.
     
  2. The authors have the right to conclude an agreement on exclusive distribution of the work in the form in which it was published this anthology (for example, to place the work in a digital repository institution or to publish in the structure of the monograph), provided that references to the first publication of the work in this collection.
     
  3. Policy of the journal allows and encourages the placement of authors on the Internet (for example, in storage facilities or on personal web sites) the manuscript of the work, prior to the submission of the manuscript to the editor, and during its editorial processing, as it contributes to productive scientific discussion and positive effect on the efficiency and dynamics of citations of published work (see The Effect of Open Access).