A Probabilistic Analysis Framework for Malicious Insider Threats

TitleA Probabilistic Analysis Framework for Malicious Insider Threats
Publication TypeConference Paper
Year of Publication2015
AuthorsChen T., Kammueller F., Nemli I., Probst C.W
Conference NameThird International Conference on Human Aspects of Information Security, Privacy, and Trust (HAS), Los Angeles, US
Date PublishedJuly
PublisherSpringer Verlag
Conference LocationBerlin
KeywordsMalicious Insider Threats, Probabilistic analysis

Malicious insider threats are difficult to detect and to mitigate. Many approaches for explaining behaviour exist, but there is little work to relate them to formal approaches to insider threat detection. In this work we present a general formal framework to perform analysis for malicious insider threats, based on probabilistic modelling, verification, and synthesis techniques. The framework first identifies insiders' intention to perform an inside attack, using Bayesian networks, and in a second phase computes the probability of success for an inside attack by this actor, using probabilistic model checking.