活动简介
- Welcome to the webpages of the 2016 Workshop on Research for Insider Threats, which is held on May 26, 2016, as part of the 37th IEEE Symposium on Security and Privacy.
- The threat of malicious insiders to organizational security has historically been one of the most difficult challenges to address. Insiders often attack using authorized access and with behavior very difficult to distinguish from normal activities. Today, insider attacks are further enabled by immense data storage capabilities, advanced searching algorithms, and the difficulty of comprehensive monitoring of networked systems. Because the actions that occur during insider attacks look much like normal user activities, this exacerbates the technical challenges of proposed solutions to reduce the high incidence of false positives. Furthermore, several recent high-profile attacks have been enabled by non-malicious, or unintentional, insiders fooled by exploits from external attackers.
- The insider threat problem continues to receive attention from government agencies. Executive Order 13587 requires all US Government agencies handling classified information to implement insider threat programs to protect sensitive information, leading to a greatly increased interest among US Government agencies in advances in detection of insider threats. Additionally, upcoming changes to the NISP Operating Manual (NISPOM, DoD 5220.22-M) will require insider threat programs for potentially tens of thousands of defense contractors. In recent years, DARPA sponsored two programs (CINDER and ADAMS) aimed at Insider Threat challenges, and there is currently a planned insider threat program sponsored by IARPA, called Scientific advances to Continuous Insider Threat Evaluation (SCITE), that focuses on new research aimed at identifying malicious insiders using active indicators. Technical solutions are emerging, but there are still significant challenges, for example, in the areas of reliable data on insider attacks, understanding the fundamentals of insider threats, and security and privacy aspects of surveillance data caused by advanced insider threat detection programs.
征稿信息
征稿范围
Topics of interest include but are not limited to:
- insider threat indicator development
- data collection, aggregation, and correlation for threat indicators
- data collection of baseline user data and behaviors
- analytic approaches that address key challenges such as reducing false positives
- novel techniques/new technologies for prevention, detection, and response to insider attacks
- predictive analytics for identifying potential indicators of insider threat
- linguistic approaches to identifying potential behavior of concern
- insider attacker behavioral models and analysis
- adversarial and game theoretic models of insider threats and attacks
- evaluation, experimentation and risk assessment of insider threat detection approaches
- mobile devices and insider threats
- social networking and insider threats
- identifying unknown insider attack patterns
- sociotechnical approaches to protecting against insider threat attacks
- biometric approaches for identifying potential insider threat behavior.
- application of solutions from other domains to address insider threats
- unintentional insider threats
- research directions addressing privacy and security
全部留言
重要日期
-
05月26日
2016
会议日期
-
05月26日 2016
注册截止日期
联系方式
- Frank Greitzer
- Fr******@PsyberAnalytix.com
留言