Detection and prediction of insider threats to cyber security: a systematic literature review and meta-analysis

Authors: Iffat A. Gheyas, Ali E. Abdallah

DOI: 10.1186/S41044-016-0006-0


Abstract: Cyber security is vital to the success of today’s digital economy. The major threats are coming from within, as opposed outside forces. Insider threat detection and prediction important mitigation techniques. This study addresses following research questions: 1) what trends in insider nowadays? 2) What challenges associated with prediction? 3) best-to-date algorithms? We conduct a systematic review 37 articles published peer-reviewed journals, conference proceedings edited books for period 1950–2015 address first two questions. Our survey suggests that game theoretic approach (GTA) popular source data; insiders’ online activities most widely used features prediction; papers use single point estimates likelihood; graph algorithms tools detecting predicting threats. key facing system include unbounded patterns, uneven time lags between activities, data nonstationarity, individuality, collusion attacks, high false alarm rates, class imbalance problem, undetected uncertainty, large number free parameters model. To identify algorithms, our meta-analysis excludes theoretical proposing conceptual selected resulting selection 13 papers. rank presented based on merits transparency information. determine significance sums, we perform “the Friedman two-way analysis variance by ranks” test “multiple comparisons groups or conditions” tests.
