Announcements
Center for Information Protection
UC Davis is planning to join the NSF I/UCRC
Center for Information Protection. We are looking
for companies to join our Industrial Advisory
Board.
Find out more here!
Conferences and Workshops
- ISGIG 2009
- ACSAC 25
- PETRA 2010 (due 11/15)
- Oakland 2010 (due 11/18)
My Links
- My Home Page
- Books
- Classes
- Papers
- Reports and Notes
- Research
- Security in Programming
- Service
- Students
- Talks
- Miscellaneous
- My Family
- About Me (CV and such)
Other Links
- MyUCDavis
- Computer Security Lab
- Dept. of Computer Science
- College of Engineering
- University of California, Davis
- City of Davis
- County of Yolo
- State of California
- United States of America
Defining the Insider Threat
Citation
- M. Bishop and C. Gates, “Defining the Insider Threat,” Proceedings of the Cyber Security and Information Intelligence Research Workshop article 15 (May 2008).
Paper
Abstract
Many diverse groups have studied the insider threat problem, including government organizations such as the Secret Service, federally-funded research organizations such as RAND and CERT, and university researchers. In addition, many industry participants are interested in the problem, such as those in the financial sector. However, despite this interest, no consistent definition of an insider has emerged.We argue that the lack of a consistent definition of an insider hinders research in the detection of threats from insiders. In particular, a definition of an insider is first required in order to ensure that the research is, in fact, detecting threats of the desired type. Further, through the development and use of a consistent definition of insiders, it is possible to then compare different detection approaches to determine the best approach for detecting particular types of insiders.
