By Topic

Managing Malicious Insider Risk through BANDIT

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Berk, V.H. ; Thayer Sch. of Eng., Dartmouth Coll., Hanover, NH, USA ; Cybenko, G. ; Souza, I.G. ; Murphy, J.P.

The transition from system-to information-based security has continued steadily over the last 30 years. Correspondingly, it is increasingly not the computer that is at risk, but the information in it. The human operator is ultimately the cornerstone of information security, an integral part of the information infrastructure. We are therefore forced to use techniques and methods that help us understand the role of human actors in the information infrastructure, so that we may make meaningful progress in mitigating insider threat. Malicious versus benign human behavior cannot easily be categorized based on a signature such as conventional virus and intrusion detection approaches. Because the cost of a false positive is high, we must be careful in our classification and subsequent actions. This article outlines our BANDIT (Behavioral Anomaly Detection for Insider Threat) system, using the traditional notion of Motive, Means, and Opportunity, combined with comprehensive behavioral analysis techniques to place each individual on a sliding scale of 'insider risk'. Finally, an insider threat detection cost-benefit analysis, based on classical risk assessment techniques, is presented to quantify how effective the technology has to be for beneficial deployment in a given enterprise.

Published in:

System Science (HICSS), 2012 45th Hawaii International Conference on

Date of Conference:

4-7 Jan. 2012