Insider risk profile matrix to quantify risk value of insider threat prediction framework
An insider threat refers to the threat arising from an individual inside an organization that maliciously leverages his or her system privileges, and closeness and proximity in a computerized environment to compromise valuable information and inflict harm. This scenario is an example of system viola...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Asian Research Publishing Network
2017
|
| Online Access: | http://eprints.utm.my/id/eprint/76647/1/IszaidaIsmail2017_InsiderRiskProfileMatrixToQuantify.pdf http://eprints.utm.my/id/eprint/76647/ https://www.scopus.com/inward/record.uri?eid=2-s2.0-85031714406&partnerID=40&md5=009d5dbc4ba46463e7871242b169963f |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | An insider threat refers to the threat arising from an individual inside an organization that maliciously leverages his or her system privileges, and closeness and proximity in a computerized environment to compromise valuable information and inflict harm. This scenario is an example of system violation that decreases the degree of system trustworthiness. Most cases of system trustworthiness use a peer judgment formulation, which may involve bias sentiments towards document sensitivity values. Moreover, audit trails of risky document navigation paths are important as an alarm to indicate any violation. Therefore, this study presents a combination of the trust criteria and document sensitivity level of an insider to obtain a risk value, which will be used to predict the occurrence of an insider threat. This study begins by investigating the prominent attributes of insiders with a focus on their degree of experience and skill in line with system trust. Subsequently, these prominent attributes are used to construct an insider Trust Profile Matrix (TPM). From the TPM, the trust value is calculated and combined with the sensitivity value of each document to produce a Risk Matrix (RM). As a result, (i) risk value and (ii) prediction rate and risky path are then calculated and analyzed using an Insider Threat Prediction Framework as an alarm for violation occurrence. |
|---|