In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
» Openaccess proceedings » Ninth International Network Conference (INC 2012)
Ninth International Network Conference (INC 2012) |
Title: The Insider Threat Prediction and Specification Language
Author(s): Georgios Magklaras, Steven Furnell
Reference: pp51-61
Keywords: Insider misuse, insider threat specification, logging engine, Domain Specific Languages, insider threat signature
Abstract: Various information security surveys and case studies indicate the importance and manifestation of the insider threat problem. One of the most important tools to address insider threats is to enable the researchers to build case studies and express/replay threat scenarios. The Insider Threat Prediction and Specification Language (ITPSL) is a Domain Specific Language (DSL) created to provide a systemic way to describe insider threats and misuse incidents. This paper presents the scope of creation as well as the design philosophy of the language. An early language compiler prototype and its underlying insider threat monitoring framework are presented followed by an evaluation of the language against real world insider threat scenarios. The paper concludes with a brief discussion of the future trends in insider threat monitoring and specification.
Download count: 1434
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.