This book defines the nature and scope of insider problems as viewed by the financial industry. This edited volume is based on the first workshop on Insider Attack and Cyber Security, IACS 2007. The workshop was a joint effort from the Information Security Departments of Columbia University and Dartmouth College. The book sets an agenda for an ongoing research initiative to solve one of the most vexing problems encountered in security, and a range of topics from critical IT infrastructure to insider threats. In some ways, the insider problem is the ultimate security problem.
Table of Contents
The Insider Attack Problem Nature and Scope.- Reflections on the Insider Threat.- The “Big Picture” of Insider IT Sabotage Across U.S. Critical Infrastructures.- Data Theft: A Prototypical Insider Threat.- A Survey of Insider Attack Detection Research.- Naive Bayes as a Masquerade Detector: Addressing a Chronic Failure.- Towards a Virtualization-enabled Framework for Information Traceability (VFIT).- Reconfigurable Tamper-resistant Hardware Support Against Insider Threats: The Trusted ILLIAC Approach.- Surviving Insider Attacks: A Call for System Experiments.- Preventative Directions For Insider Threat Mitigation Via Access Control.- Taking Sk and Looking Forward – An Outsider’s Perspective on the Insider Threat.- Hard Problems and Research Challenges.- Hard Problems and Research Challenges Concluding Remarks.