期刊名称:International Journal of Computer Science and Network Security
印刷版ISSN:1738-7906
出版年度:2016
卷号:16
期号:6
页码:81-85
出版社:International Journal of Computer Science and Network Security
摘要:The problem of insider threats is one of the most challenging to the organizations and research community since a long time. It is well proved that the damage done by insiders is more severe than that of external attackers .In government organizations, most of the users are not aware of the advanced security measures so are more vulnerable to such kind of attacks. As observed by reviewing many case studies of insider attacks, it is clear that insiders normally perform some unusual or suspicious activities before launching actual attacks. So monitoring these activities and taking proper actions in time is helpful to avoid such kinds of attacks. In this paper a risk assessment methodology is presented to compute the threat levels of users in lesser IT literate environment. This methodology is an extension to our previous work [1]. The difference is that in previous work the approach was for pure IT related business organizations where most of the users were aware about the security measures. The methodology combines technical measures and psychological indicators to detect insiders. The simulation of methodology in a test network against different scenarios shows that it efficiently categorizes users according to their threat level. So it provides a useful first step towards categorizing the users according to their actions.
