Identifying attack patterns for insider threat detection

Agrafiotis, Ioannis, Nurse, Jason R. C., Buckley, Oliver, Legg, Phil, Creese, Sadie, Goldsmith, Michael (2015) Identifying attack patterns for insider threat detection. Computer Fraud & Security, (7). pp. 9-17. (doi:10.1016/S1361-3723(15)30066-X) (The full text of this publication is not currently available from this repository. You may be able to access a copy if URLs are provided)

Official URL
http://www.journals.elsevier.com/computer-fraud-an...

Abstract

The threat that insiders pose to businesses, institutions and governmental organisations continues to be of serious concern. Recent industry surveys provide unequivocal evidence to support the significance of this threat and its prevalence in enterprises today.1 In an attempt to address this challenge, several approaches and systems have been proposed by practitioners and researchers. These focus on defining the insider threat and exploring the human and psychological factors involved, through to the detection and deterrence of these threats via technological and behavioural theories.

Insider threats pose major concerns to businesses, institutions and governmental organisations. Few solutions to this problem consider all the technical, organisational and behavioural aspects.

In new research, Ioannis Agrafiotis, Jason RC Nurse, Oliver Buckley, Phil Legg, Sadie Creese and Michael Goldsmith define attack patterns that could be key in assisting insider-threat detection, based on 120 real-world case studies. They present their findings, representing each case study as a series of attack steps, and identify common trends between different attacks.

Item Type: Article
DOI/Identification number: 10.1016/S1361-3723(15)30066-X
Subjects: Q Science
T Technology
Divisions: Faculties > Sciences > School of Computing
Faculties > Sciences > School of Computing > Security Group
Depositing User: Jason Nurse
Date Deposited: 03 Jul 2018 12:44 UTC
Last Modified: 01 Aug 2019 10:43 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/67505 (The current URI for this page, for reference purposes)
Nurse, Jason R. C.: https://orcid.org/0000-0003-4118-1680