File(s) under permanent embargo
Reason: The file associated with this record is under embargo until 12 months after publication, in accordance with the publisher's self-archiving policy. The full text may be available through the publisher links provided above.
Insider Threat Risk Prediction based on Bayesian Network
Insider threat protection has received increasing attention in the last ten years due to the serious con-sequences of malicious insider threats. Moreover, data leaks and the sale of mass data have become much simpler to achieve, e.g., the dark web can allow malicious insiders to divulge confidential data whilst hiding their identities. In this paper, we propose a novel approach to predict the risk of malicious insider threats prior to a breach taking place. Firstly, we propose a new framework for insider threat risk prediction, drawing on technical, organisational and human factor perspectives. Secondly, we employ a Bayesian network to model and implement the proposed framework. Furthermore, this Bayesian network-based prediction model is evaluated in a range of challenging environments. The risk level predictions for each authorised users within the organisation are examined so that any in-sider threat risk can be identified. The proposed insider threat prediction model achieved better results when compared to the empirical judgements of security experts.
Funding
The work was jointly funded by the National ScienceFoundation of China (NSFC) through the project ‘Dealing with Security and Safety Contradictions and Intrusion Tolerant Control for Industrial Cyber-Physical Systems’ (ProjectID: 61873119) and by EU Horizon 2020 DOMINOES Project(Grant Number: 771066)
History
Citation
Computers and Security (2020) In PressVersion
- AM (Accepted Manuscript)
