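% Workshop paper from MIST 2015 (co-located with CCS 2015): an insider-threat
% ontology for banking database systems, covering masquerade, privilege
% elevation, privilege abuse and collusion attacks.
% Maintenance notes:
%   - The exported "series" field repeated "booktitle" verbatim and is dropped,
%     so that styles printing both do not render the proceedings name twice.
%   - The abstract and note are kept exactly as exported. The conference date
%     in the note (12-10-2015) does not state its day/month order; confirm
%     against the proceedings before reformatting it.
%   - "day" and "language" are not standard BibTeX fields; most styles ignore them.
@inproceedings{9a53dd094bae4699a3183ef9ac538253,
  author    = {Kul, G{\"o}khan and Upadhyaya, Shambhu},
  title     = {A preliminary cyber ontology for insider threats in the financial sector},
  booktitle = {{MIST} 2015 - Proceedings of the 7th {ACM} {CCS} International Workshop on Managing Insider Security Threats, co-located with {CCS} 2015},
  publisher = {Association for Computing Machinery, Inc},
  pages     = {75--78},
  year      = {2015},
  month     = oct,
  day       = {16},
  doi       = {10.1145/2808783.2808793},
  language  = {English},
  keywords  = {Cyber ontology, Financial sector, Relational database systems, Taxonomy},
  abstract  = {Insider attack has become a major threat in financial sector and is a very serious and pervasive security problem. Currently, there is no insider threat ontology in this domain and such an ontology is critical to developing countermeasures against insider attacks. In this paper, we create an ontology focusing on insider attacks in the banking domain targeting database systems. We define the taxonomy used in this ontology and identify the relationships between the ontology classes. The resulting structure is a domain ontology mapped onto the Suggested Upper Merged Ontology (SUMO), Friend of a Friend(FOAF) and Finance ontologies to make our work integrable to the systems that use these ontologies and to create a broad knowledge base. The attack types we formulate in the ontology are masquerade, privilege elevation, privilege abuse and collusion attacks. Our model could be used to systematically evaluate any insider threat detection schemes in a realistic way and discover attacks that share similarities with previously identified attacks.},
  note      = {Publisher Copyright: {\textcopyright} 2015 ACM.; 7th ACM CCS International Workshop on Managing Insider Security Threats, MIST 2015 ; Conference date: 12-10-2015},
}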