Title :
An Enhanced Threat Identification Approach for Collusion Threats
Author :
Kohli, Harpreet ; Lindskog, Dale ; Zavarsky, Pavol ; Ruhl, Ron
Abstract :
Colluding threat agents are a serious and difficult problem to deal with in any organization. Collusion is possible at any level and with any entity inside or outside the organization. Traditional methods cannot effectively deal with legitimate users who abuse their privileges and their familiarity and proximity to the computational environment by colluding with outsiders or other insiders to exploit the organization´s critical assets. In this paper, we emphasize the limitation of current approaches to threat identification and, because of the seriousness of collusion involving insider threat agents, we give special attention to the MERIT (Management and Education of the Risk of Insider Threat) model. In response to these limitations, we propose an enhanced approach to threat identification, an approach that explicitly and formally addresses the possibility of colluding threat agents.
Keywords :
asset management; multi-agent systems; organisational aspects; risk management; MERIT model; collusion threat agent; management and education of the risk of insider threat model; organization critical asset; threat identification approach; Access control; Databases; Magneto electrical resistivity imaging technique; Monitoring; Organizations; Risk management; collusion threat; insider threat; risk assessment; risk mitigation; threat identification;
Conference_Titel :
Security Measurements and Metrics (Metrisec), 2011 Third International Workshop on
Conference_Location :
Banff, AB
Print_ISBN :
978-1-4673-1245-5
DOI :
10.1109/Metrisec.2011.11
