Title: Risk aware intelligent system for insider threat detection

Authors: R. Sarala; G. Zayaraz; V. Vijayalakshmi

Addresses: Department of Computer Science and Engineering, Pondicherry Engineering College, Puducherry – 605014, India ' Department of Computer Science and Engineering, Pondicherry Engineering College, Puducherry – 605014, India ' Department of Electronics and Communication Engineering, Pondicherry Engineering College, Puducherry – 605014, India

Abstract: Information security risk assessment has a major role in assessing the security posture of any organisation. Risk assessment is mostly performed with focus on the external threats to the information assets rather than the insider threats. Insider attacks are caused by the insiders with privileged access rights to the information assets. Traditional security controls like encryption and policy-based access control used in organisations fail to identify the malicious insider activity. Therefore, fighting insider threats is a tough task for organisations since it is important to have a balance between the grant of required privileges to the users, and identification of malicious access by them. This paper proposes an intelligent risk aware decision support system that identifies the presence insider threats and their intensity in an organisation by quantifying the risk to assets and behaviour monitoring of users who access those assets.

Keywords: insider threats; behaviour-based trust; context-based assess control; fuzzy decision-making; information security risk assessment.

DOI: 10.1504/IJDATS.2017.088362

International Journal of Data Analysis Techniques and Strategies, 2017 Vol.9 No.4, pp.362 - 379

Received: 18 Feb 2016
Accepted: 07 Oct 2016

Published online: 30 Nov 2017 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article