TU Darmstadt / ULB / TUbiblio

Insiders Dissected: New Foundations and a Systematisation of the Research on Insiders

Zimmer, Ephraim ; Burkert, Christian ; Federrath, Hannes (2021):
Insiders Dissected: New Foundations and a Systematisation of the Research on Insiders.
In: Digital Threats: Research and Practice, 3 (1), ACM, ISSN 2692-1626,
DOI: 10.1145/3473674,
[Article]

Abstract

The insider threat is often cited as one of the most challenging threats for security practitioners. Even though this topic is receiving considerable attention, two main problems remain unsolved. First, research on insider threats is focusing on many different insiders without being able to actually identify and consistently entitle the key aspects of the insiders. As a result, this research can neither be identified by practitioners as being relevant for their real-world insider problems, nor can it be compared with other research targeting the same insider aspects. Second, a clear understanding of insiders is vital for analysing, which insider properties are responsible for the peculiarity of insider threats. In this article, a systematic approach to dissect the defining aspects of insiders is proposed, which includes specific allocatable insider characteristics. Additionally, the insider characteristics are extended toward insider types, which establish universal and unambiguous names for different insiders and which are related with each other to form a new and simple insider taxonomy. The new foundations on insiders allow the comparison of different insider research in a structured manner. Furthermore, the new approach facilitates the identification of specific features of insider threats in future work.

Item Type: Article
Erschienen: 2021
Creators: Zimmer, Ephraim ; Burkert, Christian ; Federrath, Hannes
Title: Insiders Dissected: New Foundations and a Systematisation of the Research on Insiders
Language: English
Abstract:

The insider threat is often cited as one of the most challenging threats for security practitioners. Even though this topic is receiving considerable attention, two main problems remain unsolved. First, research on insider threats is focusing on many different insiders without being able to actually identify and consistently entitle the key aspects of the insiders. As a result, this research can neither be identified by practitioners as being relevant for their real-world insider problems, nor can it be compared with other research targeting the same insider aspects. Second, a clear understanding of insiders is vital for analysing, which insider properties are responsible for the peculiarity of insider threats. In this article, a systematic approach to dissect the defining aspects of insiders is proposed, which includes specific allocatable insider characteristics. Additionally, the insider characteristics are extended toward insider types, which establish universal and unambiguous names for different insiders and which are related with each other to form a new and simple insider taxonomy. The new foundations on insiders allow the comparison of different insider research in a structured manner. Furthermore, the new approach facilitates the identification of specific features of insider threats in future work.

Journal or Publication Title: Digital Threats: Research and Practice
Journal volume: 3
Number: 1
Publisher: ACM
Collation: 35 pp.
Uncontrolled Keywords: research systematisation, insider type, insider modelling, insider taxonomy, insider ontology, Insider definition
Divisions: 20 Department of Computer Science
20 Department of Computer Science > Telecooperation
DFG-Graduiertenkollegs
DFG-Graduiertenkollegs > Research Training Group 2050 Privacy and Trust for Mobile Users
Event Location: New York, NY, USA
Date Deposited: 29 Oct 2021 06:26
DOI: 10.1145/3473674
Additional Information:

Art.No.: 2

Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)
Show editorial Details Show editorial Details