A Probabilistic Analysis Framework for Malicious Insider Threats
|Title||A Probabilistic Analysis Framework for Malicious Insider Threats|
|Publication Type||Conference Paper|
|Year of Publication||2015|
|Authors||Chen T., Kammueller F., Nemli I., Probst C.W|
|Conference Name||Third International Conference on Human Aspects of Information Security, Privacy, and Trust (HAS), Los Angeles, US|
|Keywords||Malicious Insider Threats, Probabilistic analysis|
Malicious insider threats are difficult to detect and to mitigate. Many approaches for explaining behaviour exist, but there is little work to relate them to formal approaches to insider threat detection. In this work we present a general formal framework to perform analysis for malicious insider threats, based on probabilistic modelling, verification, and synthesis techniques. The framework first identifies insiders' intention to perform an inside attack, using Bayesian networks, and in a second phase computes the probability of success for an inside attack by this actor, using probabilistic model checking.