Abstract
Every year corporations and government installations spend millions of dollars fortifying their network infrastructures. Firewalls, intrusion detection systems, and antivirus products stand guard at network boundaries, and individuals monitor countless logs and sensors for even the subtlest hints of network penetration. Vendors and IT managers have focused on keeping the wily hacker outside the network perimeter, but very few technological measures exist to guard against insiders - those entities that operate inside the fortified network boundary. The 2002 CSI/FBI survey estimates that 70 percent of successful attacks come from the inside. Several other estimates place those numbers even higher.
References
- 1. Power, R. 2002 CSI/FBI computer crime and security survey. Computer Security Issues and Trends VIII, 1 (Spring 2002).
- 2. Hayden, M. V. The Insider Threat to U.S. Government Information Systems. Report from NSTISSAM INFOSEC /1-99, July 1999.
- 3. Ferrie, P., and Lee, T. Analysis of W32.Mydoom.A@mm; http://securityresponse.symantec.com/avcenter/venc/data/[email protected].
- 4. Bridwell, L., and Tippett, P. ICSA Labs 7th Annual Computer Virus Prevalence Survey 2001. ICSA Labs, 2001.
- 5. See, for example, Microsoft Security Bulletin MS03-050, Vulnerability in Microsoft Word and Microsoft Excel Could Allow Arbitrary Code To Run: http://www.microsoft.com/technet/security/bulletin/MS03-050.mspx; or MS03-035, Flaws in Microsoft Word Could Enable Macros To Run Automatically: http://www.microsoft.com/technet/security/bulletin/MS03-035.mspx.
- 6. Dos Santos, A., Vigna, G., and Kemmerer, R. Security testing of the online banking service of a large international bank. Proceedings of the First Workshop on Security and Privacy in E-Commerce (Nov. 2000).
- 7. Sophos Corporation. Top ten viruses reported to Sophos in 2003; http://www.sophos.com/virusinfo/topten/200312summary.html.
Index Terms
- The Insider, Naivety, and Hostility: Security Perfect Storm?: Keeping nasties out is only half the battle.