Comprehensiveness of Response to Internal Cyber-Threat and Selection of Methods to Identify the Insider

Sergey Igorevich Zhurin

Abstract


A range of international regulatory documents state the importance of counteracting insiders, especially cyber-insiders, in  critical facilities and simultaneously providing complex protection, which includes technical, administrative and information protection. In that case the insider, who is familiar with the protection or information system, will be able to find vulnerabilities and weak points in the protection of the information system or control system. One of the most important aspects of the preventive measures against insiders is personnel checks using different techniques, including interviews, social network analysis, and local area network analysis. In the case of having limited financial resources, it is necessary to choose a technique from a checklist rationally.

Full Text:

PDF

References


Shemigon N.N. & Petrakov A.V., Protection of Objects: Machinery and Technology, Energoatomizdat, Moscow, 2005.

Zhurin S.I., Framework for Counteracting Insider Threats, Textbook: MEPhI, Moscow, 2013.

Insider Threat Attributes and Mitigation Strategies, SoftWare Engineering Institute, https://resources.sei.cmu.edu/asset_files/TechnicalNote/2013_004_001_57590.pdf (5 March 2015).

Common Sense Guide to Mitigating Insider Threats. SoftWare Engineering Institute 4th Edition, 2012, http://resources.sei.cmu.edu/asset_files/TechnicalReport/2012_005_001_34033.pdf (5 March 2015).

The ‘Big Picture’ of Insider IT Sabotage Across U.S. Critical Infrastructures. 2008, https://resources.sei.cmu.edu/asset_files/TechnicalReport/2008_005_001_14981.pdf (5 March 2015).

IAEA, Preventive and Protective Measures against Insider Threats.IAEA Nuclear Security, Series 8, 2008.

INFCIRS, Convention on the Physical Protection of Nuclear Material,INFCIRS/274/rev. 1, 1987.

RF Government, Rules of Physical Protection of Nuclear Materials, Nuclear Plants and Storage of Nuclear Materials, RF Government Decree number 456, Approved 19.07.2007.

INFCIRS, Physical Protection of Nuclear Material (NM) and nuclear facilities (NF) - INFCIRS/225/rev. 5, 2011.

Memorandum: Army Directive 2013-18 (Army Insider Threat Program),http://www.fas.org/irp/doddir/army/insider.pdf (5 March 2015).

The Russian Federal Law ‘On Combating Terrorism, from 25.07.98. № 130-FZ.

Kudryavtsev, B.N., Genesis of crime. ‘Infra-M’, Moscow, 1998.

Duran F. Conrad S., Conrad G. Duggan D., Held. E., Building a System for Insider Security, IEEE Security and Privacy, 7(6), pp. 30-38, 2009.

Kanaskar, N., Bian, J., Seker, R., Nijim, M., Yilmazer, N., Dynamical System Approach to Insider Threat Detection, IEEE International Systems Conference (SysCon), pp. 232-238, 2011.

Kharskiy K.V. Loyalty and Trustworthiness of Staff. PITER, SanktPeterburg. 2003.

Zhurin S.I., Automated System for Preventing Crimes as Part of The Security of An Important Public Facility (Thesis for The Degree of Candidate of Technical Sciences), MEPhI, Moscow, 2000.

Shapiro D.I., Multicriteria Models for Forming and Choosing Systems, M. Energoatomizdat, Moscow, 1983.

Kini, R.L. & Rayfa, H., Decision-Making at Many Criteria: Preferences and Replacements, Radio and Communications, Moscow, 1981.

Litvak, B.G., Expert Information: Obtaining Methods and Analysis, Radio and Communications, Moscow, 1982.




DOI: http://dx.doi.org/10.5614%2Fitbj.ict.res.appl.2015.8.3.5

Refbacks

  • There are currently no refbacks.


Contact Information:

ITB Journal Publisher, LPPM – ITB, 

Center for Research and Community Services (CRCS) Building Floor 7th, 
Jl. Ganesha No. 10 Bandung 40132, Indonesia,

Tel. +62-22-86010080,

Fax.: +62-22-86010051;

e-mail: jictra@lppm.itb.ac.id.