Universiti Teknologi Malaysia Institutional Repository

Insider risk profile matrix to quantify risk value of insider threat prediction framework

Ismail, I. and Hassan, R. and Othman, M. R. and Ahmad, A. S. and Tawfiq, N. E. (2017) Insider risk profile matrix to quantify risk value of insider threat prediction framework. Journal of Theoretical and Applied Information Technology, 95 (20). pp. 5595-5608. ISSN 1992-8645

[img]
Preview
PDF
687kB

Official URL: https://www.scopus.com/inward/record.uri?eid=2-s2....

Abstract

An insider threat refers to the threat arising from an individual inside an organization that maliciously leverages his or her system privileges, and closeness and proximity in a computerized environment to compromise valuable information and inflict harm. This scenario is an example of system violation that decreases the degree of system trustworthiness. Most cases of system trustworthiness use a peer judgment formulation, which may involve bias sentiments towards document sensitivity values. Moreover, audit trails of risky document navigation paths are important as an alarm to indicate any violation. Therefore, this study presents a combination of the trust criteria and document sensitivity level of an insider to obtain a risk value, which will be used to predict the occurrence of an insider threat. This study begins by investigating the prominent attributes of insiders with a focus on their degree of experience and skill in line with system trust. Subsequently, these prominent attributes are used to construct an insider Trust Profile Matrix (TPM). From the TPM, the trust value is calculated and combined with the sensitivity value of each document to produce a Risk Matrix (RM). As a result, (i) risk value and (ii) prediction rate and risky path are then calculated and analyzed using an Insider Threat Prediction Framework as an alarm for violation occurrence.

Item Type:Article
Uncontrolled Keywords:Sensitivity level, Trust value
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:Computing
ID Code:76646
Deposited By: Fazli Masari
Deposited On:30 Apr 2018 13:47
Last Modified:30 Apr 2018 13:47

Repository Staff Only: item control page