Insider Attack and Cyber Security: Beyond the Hacker defines the nature and scope of insider problems as viewed by the financial industry. This edited volume is based on the first workshop on Insider Attack and Cyber Security, IACS 2007. The workshop was a joint effort from the Information Security Departments of Columbia University and Dartmouth College.
This book sets an agenda for an ongoing research initiative to solve one of the most vexing problems encountered in security, and includes the following topics: critical IT infrastructure, insider threats, awareness and dealing with nefarious human activities in a manner that respects individual liberties and privacy policies of organizations while providing the best protection of critical resources and services. In some sense, the insider problem is the ultimate security problem. This volume concludes with technical and legal challenges facing researchers who study and propose solutions to mitigate insider attacks.
Cuprins
The Insider Attack Problem Nature and Scope.- Reflections on the Insider Threat.- The “Big Picture” of Insider IT Sabotage Across U.S. Critical Infrastructures.- Data Theft: A Prototypical Insider Threat.- A Survey of Insider Attack Detection Research.- Naive Bayes as a Masquerade Detector: Addressing a Chronic Failure.- Towards a Virtualization-enabled Framework for Information Traceability (VFIT).- Reconfigurable Tamper-resistant Hardware Support Against Insider Threats: The Trusted ILLIAC Approach.- Surviving Insider Attacks: A Call for System Experiments.- Preventative Directions For Insider Threat Mitigation Via Access Control.- Taking Stock and Looking Forward – An Outsider’s Perspective on the Insider Threat.- Hard Problems and Research Challenges.- Hard Problems and Research Challenges Concluding Remarks.