Detecting collaborative insider attacks in information systems

Author

Viet, Khanh ; Panda, Brajendra ; Hu, Yi

Author_Institution

Comput. Sci. & Comput. Eng. Dept., Univ. of Arkansas, Fayetteville, AR, USA

fYear

2012

fDate

14-17 Oct. 2012

Firstpage

502

Lastpage

507

Abstract

The overall goals of information security are to ensure the confidentiality, integrity, and availability of the data in the systems. In addition to the common outsider attacks, insider attacks are often inadequately checked by the security mechanisms. This paper addresses the problem of collaborative insider attacks where two or more insiders work together to compromise critical data in the information systems. It first discusses the relations among the system components and the illegal information flow diagram. Then, the characteristics of data accesses profiled by the mutual-access-record´s probability value and distance of transaction to data item are presented. The algorithm for detecting collaborative insider attacks is introduced afterwards. Moreover, simulation experiments were conducted to verify the effectiveness of the proposed approach.

Keywords

information systems; security of data; collaborative insider attack detection; data availability; data confidentiality; data integrity; illegal information flow diagram; information security; information system; mutual-access-record probability value; outsider attack; security mechanism; transaction-to-data item distance; Access control; Bridges; Collaboration; Information security; Remuneration; collaborative attack; cyber attack; information flow; information security; insider attack;

fLanguage

English

Publisher

ieee

Conference_Titel

Systems, Man, and Cybernetics (SMC), 2012 IEEE International Conference on

Conference_Location

Seoul

Print_ISBN

978-1-4673-1713-9

Electronic_ISBN

978-1-4673-1712-2

Type

conf

DOI

10.1109/ICSMC.2012.6377774

Filename

6377774