Top
Free Shipping On Orders Over $35!
Get Rewarded for Ordering Your Textbooks! Enroll Now
Customer Reviews Read Reviews
Write a Review
| Aspects of Insider Threats | p. 1 |
| Introduction | p. 1 |
| Insiders and Insider Threats | p. 2 |
| Insider Threats | p. 5 |
| Taxonomies | p. 6 |
| Detection and Mitigation | p. 7 |
| Policies | p. 9 |
| Human Factors and Compliance | p. 11 |
| Conclusion | p. 13 |
| References | p. 15 |
| Combatting Insider Threats | p. 17 |
| A Contextual View of Insiders and Insider Threats | p. 17 |
| Risks of Insider Misuse | p. 20 |
| Types of Insiders | p. 20 |
| Types of Insider Misuse | p. 21 |
| Threats, Vulnerabilities, and Risks | p. 22 |
| Relevant Knowledge and Experience | p. 23 |
| Exploitations of Vulnerabilities | p. 24 |
| Potential Risks Resulting from Exploitations | p. 25 |
| Countermeasures | p. 25 |
| Specification of Sound Policies for Data Gathering and Monitoring | p. 27 |
| Detection, Analysis, and Identification of Misuse | p. 28 |
| Desired Responses to Detected Anomalies and Misuses | p. 29 |
| Decomposition of Insider Misuse Problems | p. 29 |
| Stages of Development and Use | p. 30 |
| Extended Profiling Including Psychological and Other Factors | p. 31 |
| Requirements for Insider-Threat-Resistant High-Integrity Elections | p. 33 |
| Relevance of the Countermeasures to Elections | p. 36 |
| Research and Development Needs | p. 39 |
| Conclusions | p. 40 |
| References | p. 41 |
| Insider Threat and Information Security Management | p. 45 |
| Introduction | p. 45 |
| Definitions of Insider and the Relevance to Information Security Management | p. 46 |
| Risk and Insiderness | p. 49 |
| The Importance of Organisational Culture and the Significance of Cultural Risks | p. 51 |
| Fieldwork on Culture and the Insider Threat | p. 51 |
| The Structure of the ISMS and Traditional Information Security Management Responses to Insiderness | p. 53 |
| Analysis - Turning an ISMS Inwards | p. 54 |
| The Role of Operationalisation | p. 55 |
| Information Security Management Standards, Best Practice and the Insider Threat | p. 56 |
| General Security Management Standards | p. 56 |
| Guidelines Focused on the Management of the Insider Threat | p. 57 |
| Analysis of the Contribution of Best Practice and Guidelines | p. 60 |
| Crime theories and insider threat | p. 61 |
| Existing Connections between Crime Theories and Information Security Management | p. 62 |
| Implications of Crime Theories for ISMS Design | p. 63 |
| Application of SCP to the ISO Control Domains | p. 64 |
| Implications for ISMS Process Design | p. 66 |
| Summary of Crime Theory Contribution | p. 68 |
| Conclusions | p. 69 |
| References | p. 70 |
| A State of the Art Survey of Fraud Detection Technology | p. 73 |
| Introduction | p. 73 |
| Data Analysis Methodology | p. 74 |
| Survey of Technology for Fraud Detection in Practice | p. 76 |
| General Approaches for Intrusion and Fraud Detection | p. 76 |
| State of the Art of Fraud Detection Tools and Techniques | p. 78 |
| Why Fraud Detection is not the Same as Intrusion Detection | p. 80 |
| Challenges for Fraud Detection in Information Systems | p. 82 |
| Summary | p. 82 |
| References | p. 84 |
| Combining Traditional Cyber Security Audit Data with Psychosocial Data: Towards Predictive Modeling for Insider Threat Mitigation | p. 85 |
| Introduction | p. 85 |
| Background | p. 88 |
| Issues of Security and Privacy | p. 91 |
| Predictive Modeling Approach | p. 94 |
| Training Needs | p. 106 |
| Conclusions and Research Challenges | p. 109 |
| Acknowledgments | p. 111 |
| References | p. 111 |
| A Risk Management Approach to the "Insider Threat" | p. 115 |
| Introduction | p. 116 |
| Insider Threat Assessment | p. 117 |
| Example | p. 120 |
| Summary | p. 122 |
| Access-Based Assessment | p. 122 |
| Psychological Indicator-Based Assessment | p. 126 |
| Application of Risk to System Countermeasures | p. 130 |
| Example | p. 133 |
| Summary | p. 135 |
| Conclusion | p. 135 |
| References | p. 135 |
| Legally Sustainable Solutions for Privacy Issues in Collaborative Fraud Detection | p. 139 |
| Introduction | p. 139 |
| Monitoring Modern Distributed Systems | p. 140 |
| Evidence Model | p. 142 |
| Observing Fraudulent Service Behaviours | p. 145 |
| Architectural Support | p. 148 |
| Introduction to the Legal Perspective | p. 149 |
| Basic Principles of Data Privacy Law | p. 150 |
| A Set of Six Basic Rules | p. 151 |
| General Legal Requirements of Fraud Detection Systems | p. 153 |
| Privacy Relevance of Fraud Detection Systems | p. 153 |
| Necessary Data for Fraud Detection | p. 154 |
| Transparency in the Fraud Detection Context | p. 155 |
| Purpose Specification and Binding in Fraud Detection | p. 155 |
| Permissibility of Fraud Detection | p. 155 |
| Quality of Event Data | p. 156 |
| Security of Event Data | p. 156 |
| Technical Solutions for Privacy-respecting Fraud Detection | p. 156 |
| Technicla Requirements | p. 157 |
| Lossless Information Reduction with Covered Data | p. 161 |
| Lossy Information Reductions for Timestamps | p. 161 |
| Legal Improvements by Pseudonymizing Event Data | p. 165 |
| Technical Description | p. 165 |
| Privacy Relevance of Pseudonymized Event Data | p. 166 |
| Strengthening the Data Privacy Official | p. 167 |
| Disclosure With Legal Permission | p. 167 |
| Data and System Security | p. 168 |
| Conclusion | p. 168 |
| References | p. 169 |
| Towards an Access-Control Framework for Countering Insider Threats | p. 173 |
| Introduction | p. 173 |
| Motivation and related work | p. 177 |
| Illustrative scenarios | p. 177 |
| Definitions of insiders | p. 179 |
| Access control | p. 180 |
| The insider problem and access control | p. 181 |
| Trust, trustworthiness, and the insider problem | p. 182 |
| Insiderness | p. 183 |
| Trust management and risk assessment | p. 183 |
| Pragmatics of identifying suspicious events | p. 184 |
| Toward a context-and insider-aware policy language | p. 185 |
| Context and request predicates | p. 186 |
| Requirements | p. 186 |
| Policy transformations via declarative programming | p. 187 |
| Discussion of requirements | p. 188 |
| Policy transformations | p. 189 |
| Risk-and trustworthiness-aware policy composition | p. 190 |
| Access-control architectures and the insider problem | p. 191 |
| Concluding remarks | p. 192 |
| References | p. 194 |
| Monitoring Technologies for Mitigating Insider Threats | p. 197 |
| Introduction | p. 197 |
| Related Research | p. 200 |
| Threat Model - Level of Sophistication of the Attacker | p. 201 |
| Decoy Properties | p. 202 |
| Architecture | p. 207 |
| Decoy Document Distributor | p. 207 |
| SONAR | p. 208 |
| Decoys and Network Monitoring | p. 208 |
| Host-based Sensors | p. 211 |
| Concluding Remarks and Future Work | p. 215 |
| References | p. 217 |
| Insider Threat Specification as a Threat Mitigation Technique | p. 219 |
| Introduction | p. 219 |
| The Insider Threat Problem | p. 220 |
| Background | p. 221 |
| The Common Intrusion Specification Language | p. 221 |
| Panoptis | p. 225 |
| Insider Misuse Taxonomies and Threat Models | p. 226 |
| The Scope of the Insider Threat Prediction Specification Language | p. 237 |
| The Domain Specific Language Programming Paradigm | p. 240 |
| Conclusion | p. 242 |
| References | p. 242 |
| Table of Contents provided by Ingram. All Rights Reserved. |
The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.
The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.
Need Help? Copyright © 1999-2025
