DocumentCode
609918
Title
Fault Tree Analysis of Accidental Insider Security Events
Author
Patil, Premajyothi ; Zavarsky, Pavol ; Lindskog, Dale ; Ruhl, Ron
Author_Institution
Inf. Syst. Security, Concordia Univ. Coll. of Alberta, Edmonton, AB, Canada
fYear
2012
fDate
14-16 Dec. 2012
Firstpage
113
Lastpage
118
Abstract
Insider threats have been categorized as unintentional and malicious. The frameworks and models which are used to detect malicious behavior of employees would likely fail to detect unintentional insiders, as there is no malicious intent. This paper accentuates the limitation of MERIT (Management and Education of Risks of Insider Threat) in its scope for accidental insider threats and proposes Fault Tree Analysis (FTA) of the security events caused by accidental insiders. We perform FTA on two cases involving accidental insiders which help understand the human side behind the user errors. The first case involves data loss via outbound email due to employee error, while the second case involves accidental disclosure of sensitive information by insiders. The countermeasures are thus better interpreted and communicated as the causes of a threat are well understood, which is essential for human fault avoidance.
Keywords
electronic mail; fault trees; human factors; personnel; risk analysis; security of data; FTA; MERIT; accidental insider security events; employee error; fault tree analysis; human fault avoidance; malicious behavior; management and education of risks of insider threat; outbound email; unintentional insider; Accidental insider event; Fault Tree Analysis (FTA); Minimal Cut Set (MCS); basic event; root event;
fLanguage
English
Publisher
ieee
Conference_Titel
Cyber Security (CyberSecurity), 2012 International Conference on
Conference_Location
Washington, DC
Print_ISBN
978-1-4799-0219-4
Type
conf
DOI
10.1109/CyberSecurity.2012.21
Filename
6542533