Defense against Insider Threat: a Framework for Gathering Goal-based Requirements

V. Nunes Leal Franqueira, Pascal van Eck

    Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

    Abstract

    Insider threat is becoming comparable to outsider threat in frequency of security events. This is a worrying situation, since insider attacks have a high probability of success because insiders have authorized access and legitimate privileges. Despite their importance, insider threats are still not properly addressed by organizations. We contribute to reverse this situation by introducing a framework composed of a method for identification and assessment of insider threat risks and of two supporting deliverables for awareness of insider threat. The deliverables are: (i) attack strategies structured in four decomposition trees, and (ii) a matrix which correlates defense strategies, attack strategies and control principles. The method output consists of goal-based requirements for the defense against insiders.
    Original language: Undefined
    Title of host publication: Proceedings of the 12th International Workshop on Exploring Modeling Methods in Systems Analysis and Design (EMMSAD 2007), held in conjunction with CAISE'07
    Editors: B Pernici, J.A. Gulla
    Place of Publication: Trondheim
    Publisher: Tapir Academic Press
    Pages: 193-202
    Number of pages: 10
    ISBN (Print): 978-82-519-2245-6
    Publication status: Published - 2007
    Event: 12th International Workshop on Exploring Modeling Methods in Systems Analysis and Design, EMMSAD 2007 - Trondheim, Norway
    Duration: 11 Jun 2007 → 15 Jun 2007
    Conference number: 12

    Publication series

    Name
    Publisher: Tapir Academic Press
    Number: 2

    Workshop

    Workshop: 12th International Workshop on Exploring Modeling Methods in Systems Analysis and Design, EMMSAD 2007
    Abbreviated title: EMMSAD
    Country: Norway
    City: Trondheim
    Period: 11/06/07 → 15/06/07

    Keywords

    • SCS-Services
    • EWI-9623
    • IR-63987
    • METIS-241567

    Cite this

    Nunes Leal Franqueira, V., & van Eck, P. (2007). Defense against Insider Threat: a Framework for Gathering Goal-based Requirements. In B. Pernici, & J. A. Gulla (Eds.), Proceedings of the 12th International Workshop on Exploring Modeling Methods in Systems Analysis and Design (EMMSAD 2007), held in conjunction with CAISE'07 (pp. 193-202). Trondheim: Tapir Academic Press.
    @inproceedings{266445f325804d4188b3ded3c77452cc,
    title = "Defense against Insider Threat: a Framework for Gathering Goal-based Requirements",
    abstract = "Insider threat is becoming comparable to outsider threat in frequency of security events. This is a worrying situation, since insider attacks have a high probability of success because insiders have authorized access and legitimate privileges. Despite their importance, insider threats are still not properly addressed by organizations. We contribute to reverse this situation by introducing a framework composed of a method for identification and assessment of insider threat risks and of two supporting deliverables for awareness of insider threat. The deliverables are: (i) attack strategies structured in four decomposition trees, and (ii) a matrix which correlates defense strategies, attack strategies and control principles. The method output consists of goal-based requirements for the defense against insiders.",
    keywords = "SCS-Services, EWI-9623, IR-63987, METIS-241567",
    author = "{Nunes Leal Franqueira}, V. and {van Eck}, Pascal",
    note = "http://eprints.ewi.utwente.nl/9623",
    year = "2007",
    language = "Undefined",
    isbn = "978-82-519-2245-6",
    publisher = "Tapir Academic Press",
    number = "2",
    pages = "193--202",
    editor = "B Pernici and J.A. Gulla",
    booktitle = "Proceedings of the 12th International Workshop on Exploring Modeling Methods in Systems Analysis and Design (EMMSAD 2007), held in conjunction with CAISE'07",

    }
