Inside the Insider Threat Minitrack

The insider problem is one of the most important problems in computer security, and indeed in all aspects of real-world security. Insiders have compromised many key societal systems and processes in domains such as government, finance, and even science. Many reports of insider attacks describe people trusted with access to sensitive information abusing that access to damage that information, compromise the privacy of that information, and collaborate with others (sometimes other insiders) to cause various kinds of failures, losses and serious harm. Indeed, the insider problem is also pernicious in the non-computer world; as the ancient Roman satirist Juvenal said, "Who will guard the guards themselves?"

Any approaches therefore must have not only a technical aspect, but also a non-technical (social, political, legal, cultural, and so forth) approach. Insider attacks may be accidental or arise from conflicting policies that confuse the putative attacker. These unintentional insider attacks are as dangerous as deliberate insider attacks, but must be handled differently due to the lack of maliciousness. Understanding how to cope with unintentional insider attacks effectively is also a complex, difficult problem.

Analyzing and detecting insider threats involve both technical and non-technical approaches across many different disciplines, including human-oriented ones. This minitrack solicits papers emphasizing this cross- cutting work as well as papers that present case studies and experiences in coping with insider attacks or preventing them.

Minitrack topics include, but are not limited to:

  • Approaches to detecting, preventing, and ameliorating insider threats
  • Analyzing the effect of (potential or actual) insider attacks
  • Data on the scope and effect of insider threats and/or attacks
  • Minimizing the cost of preventative measures
  • Examining the causes of insider attacks
  • Multi-disciplinary approaches to the insider problem
  • Measuring the effectiveness of remediation technologies and methodologies
  • Insider threats and social media
  • Case studies of insider threats and attacks, including unintentional attacks
  • Human factors and the insider problem

Minitrack Co-Chairs:

Matt Bishop (Primary Contact)
University of California at Davis
Email: mabishop@ucdavis.edu

Kara Nance
University of Alaska Fairbanks
Email: klnance@alaska.edu

Jason W. Clark
Software Engineering Institute, Carnegie Mellon University
Email: jwclark@cert.org

Browse the Collection