Combining generated data models with formal invalidation for insider threat analysis
Conference paper
Kammueller, F. and Probst, C. 2014. Combining generated data models with formal invalidation for insider threat analysis. 2014 IEEE Security and Privacy Workshops (SPW): Workshop on Research for Insider Threat (WRIT 2014). San Jose, California, USA 17 - 18 May 2014 Institute of Electrical and Electronics Engineers (IEEE). pp. 229-235 https://doi.org/10.1109/SPW.2014.45
Type | Conference paper |
---|---|
Title | Combining generated data models with formal invalidation for insider threat analysis |
Authors | Kammueller, F. and Probst, C. |
Abstract | In this paper we revisit the advances made on invalidation policies to explore attack possibilities in organizational models. One aspect that has so far eloped systematic analysis of insider threat is the integration of data into attack scenarios and its exploitation for analyzing the models. We draw from recent insights into generation of insider data to complement a logic based mechanical approach. We show how insider analysis can be traced back to the early days of security verification and the Lowe-attack on NSPK. The invalidation of policies allows model checking organizational structures to detect insider attacks. Integration of higher order logic specification techniques allows the use of data refinement to explore attack possibilities beyond the initial system specification. We illustrate this combined invalidation technique on the classical example of the naughty lottery fairy. Data generation techniques support the automatic generation of insider attack data for research. The data generation is however always based on human generated insider attack scenarios that have to be designed based on domain knowledge of counter-intelligence experts. Introducing data refinement and invalidation techniques here allows the systematic exploration of such scenarios and exploit data centric views into insider threat analysis. |
Conference | 2014 IEEE Security and Privacy Workshops (SPW): Workshop on Research for Insider Threat (WRIT 2014) |
Page range | 229-235 |
ISBN | |
Hardcover | 9781479951031 |
Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
Publication dates | |
2014 | |
Publication process dates | |
Deposited | 23 Apr 2015 |
Accepted | 14 Mar 2014 |
Output status | Published |
Digital Object Identifier (DOI) | https://doi.org/10.1109/SPW.2014.45 |
Language | English |
Book title | 2014 IEEE Security and Privacy Workshops (SPW) |
https://repository.mdx.ac.uk/item/85147
52
total views0
total downloads0
views this month0
downloads this month