The cyber enemy within ... Countering the threat from malicious insiders

Dick Brackney; Terrance Goan; Shambhu Upadhyaya; Allen Ott; Lockheed Martin

doi:10.1109/CSAC.2004.39

The cyber enemy within ... Countering the threat from malicious insiders

Dick Brackney
, Terrance Goan
, Shambhu Upadhyaya
, Allen Ott
, Lockheed Martin

Department of Computer Science and Engineering

Advanced Research and Development Activity
Stottler Henke Associates
Orincon Information Assurance

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

4 Scopus citations

Abstract

The measures to be taken to counter threats from malicious insiders who may use their computer privileges to modify, remove, or prevent access to an organization's data are discussed. The information security community needs to consider new means of evaluating behaviours over months or even years, and for incorporating non-traditional evidence. Detection and a tamper-resistant logging and track-back mechanism must be in place so that essential details about the attack and the feedback to refine the security policies can be collected should an attack succeed. The use of automated technology to gather network insider information, modeling of users and networks, and advanced reasoning techniques to identify sophisticated attacks should be researched.

Original language	English
Title of host publication	Proceedings - 20th Annual Computer Security Applications Conference, ACSAC 2004
Pages	346-347
Number of pages	2
DOIs	https://doi.org/10.1109/CSAC.2004.39
State	Published - 2004
Event	20th Annual Computer Security Applications Conference, ACSAC 2004 - Tucson, AZ, United States Duration: Dec 6 2004 → Dec 10 2004

Publication series

Name	Proceedings - Annual Computer Security Applications Conference, ACSAC
ISSN (Print)	1063-9527

Conference

Conference	20th Annual Computer Security Applications Conference, ACSAC 2004
Country/Territory	United States
City	Tucson, AZ
Period	12/6/04 → 12/10/04

Access to Document

10.1109/CSAC.2004.39

Cite this

@inproceedings{7d07947989264a108231ca5f6b8bf3b4,

title = "The cyber enemy within ... Countering the threat from malicious insiders",

abstract = "The measures to be taken to counter threats from malicious insiders who may use their computer privileges to modify, remove, or prevent access to an organization's data are discussed. The information security community needs to consider new means of evaluating behaviours over months or even years, and for incorporating non-traditional evidence. Detection and a tamper-resistant logging and track-back mechanism must be in place so that essential details about the attack and the feedback to refine the security policies can be collected should an attack succeed. The use of automated technology to gather network insider information, modeling of users and networks, and advanced reasoning techniques to identify sophisticated attacks should be researched.",

author = "Dick Brackney and Terrance Goan and Shambhu Upadhyaya and Allen Ott and Lockheed Martin",

year = "2004",

doi = "10.1109/CSAC.2004.39",

language = "English",

isbn = "0769522521",

series = "Proceedings - Annual Computer Security Applications Conference, ACSAC",

pages = "346--347",

booktitle = "Proceedings - 20th Annual Computer Security Applications Conference, ACSAC 2004",

note = "20th Annual Computer Security Applications Conference, ACSAC 2004 ; Conference date: 06-12-2004 Through 10-12-2004",

}

Brackney, D, Goan, T, Upadhyaya, S, Ott, A & Martin, L 2004, The cyber enemy within ... Countering the threat from malicious insiders. in Proceedings - 20th Annual Computer Security Applications Conference, ACSAC 2004. Proceedings - Annual Computer Security Applications Conference, ACSAC, pp. 346-347, 20th Annual Computer Security Applications Conference, ACSAC 2004, Tucson, AZ, United States, 12/6/04. https://doi.org/10.1109/CSAC.2004.39

The cyber enemy within ... Countering the threat from malicious insiders. / Brackney, Dick; Goan, Terrance; Upadhyaya, Shambhu et al.
Proceedings - 20th Annual Computer Security Applications Conference, ACSAC 2004. 2004. p. 346-347 (Proceedings - Annual Computer Security Applications Conference, ACSAC).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - The cyber enemy within ... Countering the threat from malicious insiders

AU - Brackney, Dick

AU - Goan, Terrance

AU - Upadhyaya, Shambhu

AU - Ott, Allen

AU - Martin, Lockheed

PY - 2004

Y1 - 2004

N2 - The measures to be taken to counter threats from malicious insiders who may use their computer privileges to modify, remove, or prevent access to an organization's data are discussed. The information security community needs to consider new means of evaluating behaviours over months or even years, and for incorporating non-traditional evidence. Detection and a tamper-resistant logging and track-back mechanism must be in place so that essential details about the attack and the feedback to refine the security policies can be collected should an attack succeed. The use of automated technology to gather network insider information, modeling of users and networks, and advanced reasoning techniques to identify sophisticated attacks should be researched.

AB - The measures to be taken to counter threats from malicious insiders who may use their computer privileges to modify, remove, or prevent access to an organization's data are discussed. The information security community needs to consider new means of evaluating behaviours over months or even years, and for incorporating non-traditional evidence. Detection and a tamper-resistant logging and track-back mechanism must be in place so that essential details about the attack and the feedback to refine the security policies can be collected should an attack succeed. The use of automated technology to gather network insider information, modeling of users and networks, and advanced reasoning techniques to identify sophisticated attacks should be researched.

UR - https://www.scopus.com/pages/publications/21644475049

U2 - 10.1109/CSAC.2004.39

DO - 10.1109/CSAC.2004.39

M3 - Conference contribution

AN - SCOPUS:21644475049

SN - 0769522521

T3 - Proceedings - Annual Computer Security Applications Conference, ACSAC

SP - 346

EP - 347

BT - Proceedings - 20th Annual Computer Security Applications Conference, ACSAC 2004

T2 - 20th Annual Computer Security Applications Conference, ACSAC 2004

Y2 - 6 December 2004 through 10 December 2004

ER -

The cyber enemy within ... Countering the threat from malicious insiders

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this