Insider threats are a present and growing concern to organizations worldwide. Trusted employees with detailed knowledge and authorized access privileges have the capability to inflict devastating consequences through intentional/malicious or unintentional/accidental means to an organization's critical assets that include people, data, facilities, and technologies. Given the complexity of the insider threat problem, anymitigation approach must have both a behavioral and a technical component.
Understanding and combatting both types of insider threat effectively poses complex and difficult problems for the research and operational communities. Unintentional insider threats are as dangerous as intentional ones, and both types of threats deserve careful study in order to better understand their origins and develop effective mitigation approaches. Because of differences in motivation and intent, these two types of insider threat must be handled differently. Just as human error may be traced to deep-seated systemic problems, unintentional insider threat incidents may arise from a variety of contributing organizational factors, such as conflicting policies that confuse the otherwise well-meaning perpetrator. Intentional insider threats are associated with more malicious motivations, but even these threats can have organizational contributing factors.
Analyzing and detecting insider threats therefore should involve examination of both technical and non-technical indicators. Effective approaches will require contributions from many different disciplines, including those that study human behavioral factors. This minitrack solicits papers emphasizing this cross-cutting work as well as papers that present case studies and experiences in coping with insider attacks or preventing them.
Specific example topic areas include, but are by no means limited to:
Jason W. Clark is a researcher at Carnegie Mellon University - Software Engineering Institute (SEI). His main area of interests are cyber-security with a focus on insider threats, specifically prediction, detection, and mitigation. He completed his Ph.D in Information Technology from George Mason University, where he specialized in cyber-crime and anonymous searching of the Internet. Prior to joining the SEI in 2012, Jason worked at the Institute for Defense Analyses (IDA) as a lead information security analyst and from 2003-2007 at the United States Census Bureau writing and reviewing security documentation and policy. He also teaches part-time courses at Northern Virginia Community College (NVCC), Southern New Hampshire University (SNHU), and Embry Riddle University.
Matt Bishop received his Ph.D. in computer science from Purdue University, where he specialized in computer security, in 1984. He was a research scientist at the Research Institute of Advanced Computer Science and was on the faculty at Dartmouth College before joining the Department of Computer Science at the University of California at Davis. His main research area is the analysis of vulnerabilities in computer systems, including modeling them, building tools to detect vulnerabilities, and ameliorating or eliminating them. He is active in the areas of network security, the study of denial of service attacks and defenses, policy modeling, software assurance testing, formal modeling of access control, and the insider problem. He is also interested in electronic voting, and was one of the two principle investigators of the California Top-to-Bottom Review, which performed a technical review of all electronic voting systems certified in the State of California. He is active in information assurance education. His textbook, Computer Security: Art and Science, was published in December 2002 by Addison-Wesley Professional. He also teaches software engineering, machine architecture, operating systems, programming, and (of course) computer security.
Frank L. Greitzer is Founder and Principal Scientist at PsyberAnalytix, LLC, which performs applied research and consulting in cognitive systems engineering and human-systems analysis to improve information technology/computational science support for decision making, training, and human information processing. He holds a PhD degree in Mathematical Psychology with specialization in memory and cognition and a BS degree in Mathematics. Dr. Greitzer recently retired from the Pacific Northwest National Laboratory (PNNL), where he served as a Chief Scientist for Cognitive Informatics and supported research in human-system integration, decision making and information processing in applied areas of cyber security, power grid/smart grid operational decision making, and intelligence/information analysis. With over thirty years of applied research and development experience in cognitive psychology, human information processing, and user-centered design, his research interests include human behavior modeling to anticipate cyber/insider and terrorist threats, cognitive support for control systems operators and decision makers, and associated decision support/visualization solutions, as well as design of evaluation methods and metrics to assess the performance and effectiveness of new methods and tools. Dr. Greitzer’s interests also include applying cognitive principles to develop innovative, interactive training and education applications.
Jason W. Clark
Software Engineering Institute
Carnegie Mellon University
4500 Fifth Avenue
Pittsburgh, PA 15213, USA
Matt Bishop, PhD
University of California at Davis
Department of Computer Science
One Shields Ave.
Davis, CA 95616, USA
Frank L. Greitzer, PhD
Richland, WA 99352-7328, USA