Detecting Masquerading Traitors from Process Visualization of Computer

Warning

This publication doesn't include Faculty of Economics and Administration. It includes Faculty of Informatics. Official publication website can be found on muni.cz.
Authors

MACÁK Martin OŠLEJŠEK Radek BÜHNOVÁ Barbora

Year of publication 2023
Type Article in Proceedings
Conference 2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
MU Faculty or unit

Faculty of Informatics

Citation
Web https://ieeexplore.ieee.org/document/10538928
Doi http://dx.doi.org/10.1109/TrustCom60117.2023.00263
Keywords insider attack;process visualization;cybersecurity;traitor;organization
Description Insider attacks in organizations are currently one of the most crucial cybersecurity challenges. Traitors are one of the most dangerous types of insider attackers. They are difficult to detect because they know the organization, processes, defense mechanisms, and employees. Besides abusing their rights and accesses, they can use their co-workers’ rights and accesses. They can hide their activities to perform attacks inconspicuously. The current masquerader detection techniques usually rely on the fact that the masquerader is an outsider, making them unable to detect attacks from the traitor. To detect these insider attackers, which we call masquerading traitors, we propose the human-as-solution approach and engage the employees in deciding whether the usage of their rights and accesses is suspicious and, therefore, might be performed by a masquerading traitor.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.