scholarly journals Insiders Dissected - New Foundations and a Systematisation of the Research on Insiders

2021 ◽  
Author(s):  
Ephraim Zimmer ◽  
Christian Burkert ◽  
Hannes Federrath
Keyword(s):  
Real World ◽  
Systematic Approach ◽  
Insider Threat ◽  
Clear Understanding ◽  
Insider Threats ◽  
New Approach ◽  
Insider Research ◽  
New Foundations ◽  
Key Aspects ◽  
Future Work

The insider threat is often cited as one of the most challenging threats for security practitioners. Even though this topic is receiving considerable attention, two main problems remain unsolved. First, research on insider threats is focusing on many different insiders without being able to actually identify and consistently entitle the key aspects of the insiders. As a result, this research can neither be identified by practitioners as being relevant for their real-world insider problems, nor can it be compared with other research targeting the same insider aspects. Second, a clear understanding of insiders is vital for analysing, which insider properties are responsible for the peculiarity of insider threats. In this paper, a systematic approach to dissect the defining aspects of insiders is proposed, which includes specific allocatable insider characteristics. Additionally, the insider characteristics are extended towards insider types, which establish universal and unambiguous names for different insiders, and which are related with each other to form a new and simple insider taxonomy. The new foundations on insiders allow the comparison of different insider research in a structured manner. Furthermore, the new approach facilitates the identification of specific features of insider threats in future work.

scholarly journals A Multi-Tiered Framework for Insider Threat Prevention

Electronics ◽  
2021 ◽  
Vol 10 (9) ◽  
pp. 1005
Author(s):  
Rakan A. Alsowail ◽  
Taher Al-Shehari
Keyword(s):  
Real World ◽  
Relevant Literature ◽  
Security And Privacy ◽  
Insider Threat ◽  
Unified Framework ◽  
Insider Threats ◽  
Public And Private ◽  
Private Organizations ◽  
Confidential Data ◽  
Real Value

As technologies are rapidly evolving and becoming a crucial part of our lives, security and privacy issues have been increasing significantly. Public and private organizations have highly confidential data, such as bank accounts, military and business secrets, etc. Currently, the competition between organizations is significantly higher than before, which triggers sensitive organizations to spend an excessive volume of their budget to keep their assets secured from potential threats. Insider threats are more dangerous than external ones, as insiders have a legitimate access to their organization’s assets. Thus, previous approaches focused on some individual factors to address insider threat problems (e.g., technical profiling), but a broader integrative perspective is needed. In this paper, we propose a unified framework that incorporates various factors of the insider threat context (technical, psychological, behavioral and cognitive). The framework is based on a multi-tiered approach that encompasses pre, in and post-countermeasures to address insider threats in an all-encompassing perspective. It considers multiple factors that surround the lifespan of insiders’ employment, from the pre-joining of insiders to an organization until after they leave. The framework is utilized on real-world insider threat cases. It is also compared with previous work to highlight how our framework extends and complements the existing frameworks. The real value of our framework is that it brings together the various aspects of insider threat problems based on real-world cases and relevant literature. This can therefore act as a platform for general understanding of insider threat problems, and pave the way to model a holistic insider threat prevention system.

EVOLVING INSIDER THREAT DETECTION STREAM MINING PERSPECTIVE

2013 ◽  
Vol 22 (05) ◽  
pp. 1360013 ◽  
Author(s):  
PALLABI PARVEEN ◽  
NATHAN MCDANIEL ◽  
ZACKARY WEGER ◽  
JONATHAN EVANS ◽  
BHAVANI THURAISINGHAM ◽  
...  
Keyword(s):  
Anomaly Detection ◽  
Unsupervised Learning ◽  
Large Data ◽  
Insider Threat ◽  
Threat Detection ◽  
Stream Mining ◽  
Insider Threats ◽  
System Logs ◽  
The Cost ◽  
Future Work

Evidence of malicious insider activity is often buried within large data streams, such as system logs accumulated over months or years. Ensemble-based stream mining leverages multiple classification models to achieve highly accurate anomaly detection in such streams, even when the stream is unbounded, evolving, and unlabeled. This makes the approach effective for identifying insider threats who attempt to conceal their activities by varying their behaviors over time. This paper applies ensemble-based stream mining, supervised and unsupervised learning, and graph-based anomaly detection to the problem of insider threat detection. It demonstrates that the ensemble-based approach is significantly more effective than traditional single-model methods, supervised learning outperforms unsupervised learning, and increasing the cost of false negatives correlates to higher accuracy. Future work will consider a wider range of tunable parameters in an effort to further reduce false positives, include a more sophisticated polling algorithm for weighting better models, and implement parallelization to lower runtimes to more rapidly detect emerging insider threats.

Adolescent Language: Models, Assessment, and Links to Reading

2019 ◽  
Author(s):  
Amanda Goodwin ◽  
Yaacov Petscher ◽  
Jamie Tock
Keyword(s):  
Reading Comprehension ◽  
Bifactor Model ◽  
Language Models ◽  
Multiple Group ◽  
Global Factor ◽  
Eighth Grade Students ◽  
Key Aspects ◽  
Future Work ◽  
The Relationship ◽  
Best Fit

Various models have highlighted the complexity of language. Building on foundational ideas regarding three key aspects of language, our study contributes to the literature by 1) exploring broader conceptions of morphology, vocabulary, and syntax, 2) operationalizing this theoretical model into a gamified, standardized, computer-adaptive assessment of language for fifth to eighth grade students entitled Monster, PI, and 3) uncovering further evidence regarding the relationship between language and standardized reading comprehension via this assessment. Multiple-group item response theory (IRT) across grades show that morphology was best fit by a bifactor model of task specific factors along with a global factor related to each skill. Vocabulary was best fit by a bifactor model that identifies performance overall and on specific words. Syntax, though, was best fit by a unidimensional model. Next, Monster, PI produced reliable scores suggesting language can be assessed efficiently and precisely for students via this model. Lastly, performance on Monster, PI explained more than 50% of variance in standardized reading, suggesting operationalizing language via Monster, PI can provide meaningful understandings of the relationship between language and reading comprehension. Specifically, considering just a subset of a construct, like identification of units of meaning, explained significantly less variance in reading comprehension. This highlights the importance of considering these broader constructs. Implications indicate that future work should consider a model of language where component areas are considered broadly and contributions to reading comprehension are explored via general performance on components as well as skill level performance.

284 Real World Data of Sequencing Immune Checkpoint Inhibitors (ICI) after Initial ICI

2020 ◽  
Vol 8 (Suppl 3) ◽  
pp. A310-A310
Author(s):  
Krishna Gunturu ◽  
Muhammad Awidi ◽  
Rojer Ranjit ◽  
Brendan Connell ◽  
Rachel Carrasquillo ◽  
...  
Keyword(s):  
Cell Death ◽  
Programmed Cell Death ◽  
Real World ◽  
Immune Checkpoint ◽  
Immune Checkpoint Inhibitors ◽  
Checkpoint Inhibitors ◽  
Medical Center ◽  
Clear Understanding ◽  
Real World Data ◽  
World Data

BackgroundICI revolutionized modern Oncology landscape and being utilized in metastatic to adjuvant and neo-adjuvant settings. As Oncologists, we are treating cancer patients with ICI every day, yet there is still a lot that is unknown about these drugs. We don’t have clear understanding of the efficacy and toxicity when sequencing one ICI for another. We conducted a retrospective review of real world data at Lahey Hospital and Medical Center to understand further and to pave path for prospective studies to understand this issue further to improve patient care.MethodsWe retrospectively reviewed Oncology patient charts who received ICI between January1, 2014 to December 18, 2018. Total 483 patients received ICI during this time frame and 22 of these patients received a second ICI either as monotherapy or in combination with other ICI or chemotherapy.ResultsA total of 22 patients received subsequent ICI after the initial ICI as showed in table 1. 15 of the 22 (68%) patients were transitioned from one ICI to another monotherapy. 11 of these patients were transitioned secondary to disease progression (73%), three had immune related adverse events and one was switched per standard of care. One patient had ICI re-challenge. Three patients had a transition from ICI monotherapy to combination ICI therapy. One patient went onto chemo-immunotherapy and 2 patients transitioned from combination ICI to chemo-immunotherapy.Abstract 284 Table 1Real world data of sequencing immune checkpoint inhibitors (ICI) after initial ICIConclusionsICI therapy is evolving and patients are being treated with multiple lines of ICI. In current practices, ICI is frequently being transitioned from cytotoxic T-lymphocyte antigen 4 (CTLA-4) and programmed cell death 1 (PD-1) or its ligand, programmed cell death ligand 1 (PD-L1) classes or combined with chemotherapy or targeted therapy. It would be prudent to explore the effects of sequencing these medications either as a monotherapy or in combination with other therapies to better serve our patients and to prevent financial toxicity.

scholarly journals Simplification and Detection of Outlying Trajectories from Batch and Streaming Data Recorded in Harsh Environments

2019 ◽  
Vol 8 (6) ◽  
pp. 272 ◽  
Author(s):  
Iq Reviessay Pulshashi ◽  
Hyerim Bae ◽  
Hyunsuk Choi ◽  
Seunghwan Mun ◽  
Riska Asriana Sutrisnowati
Keyword(s):  
South Korea ◽  
Real World ◽  
Experimental Evaluation ◽  
Streaming Data ◽  
Harsh Environments ◽  
Noise Filtering ◽  
New Approach ◽  
Detection Algorithms ◽  
Outlying Point

Analysis of trajectory such as detection of an outlying trajectory can produce inaccurate results due to the existence of noise, an outlying point-locations that can change statistical properties of the trajectory. Some trajectories with noise are repairable by noise filtering or by trajectory-simplification. We herein propose the application of a trajectory-simplification approach in both batch and streaming environments, followed by benchmarking of various outlier-detection algorithms for detection of outlying trajectories from among simplified trajectories. Experimental evaluation in a case study using real-world trajectories from a shipyard in South Korea shows the benefit of the new approach.

Between Real and Ideal: Documenting Media Art

Leonardo ◽  
2008 ◽  
Vol 41 (4) ◽  
pp. 418-419 ◽  
Author(s):  
Caitlin Jones ◽  
Lizzie Muller
Keyword(s):  
Data Structure ◽  
Real World ◽  
Media Art ◽  
New Approach ◽  
The Real ◽  
Key Features ◽  
The Ideal

This paper describes a new approach to documenting media art which seeks to place in dialogue the artist's intentions and the audience's experience. It explicitly highlights the productive tension between the ideal, conceptual existence of the work, and its actual manifestation through different iterations and exhibitions in the real world. The paper describes how the approach was developed collaboratively during the production of a documentary collection for the artwork Giver of Names, by David Rokeby. It outlines the key features of the approach including artist's interview, audience interviews and data structure.

scholarly journals IMPLEMENTATION OF MANAGERIAL INNOVATIONS IN RUSSIA: DECISIONS’ BACKGROUND, MAJOR AREAS AND FREQUENCY

2020 ◽  
Author(s):  
Natalia Guseva ◽  
◽  
Yaroslav Sovetkin ◽  
Keyword(s):  
Empirical Study ◽  
Systematic Approach ◽  
Effective Communication ◽  
Research Area ◽  
Multinational Companies ◽  
Moscow Region ◽  
Russian Market ◽  
Managerial Practices ◽  
Business Environments ◽  
Key Aspects

Unpredictable, complex and ambiguous business environments compel local and multinational companies to be more flexible and innovative in managerial practices. Nowadays managerial innovations (MI) are becoming a prevailing research area in management worldwide. This study investigates the key aspects of MI implementation in Russia from theoretical and empirical perspectives. The empirical study involved 1 025 employees from 791 companies operating in Moscow and the Moscow region as the major business centers of Russia. The results showed that companies operating in the Russian market base their decision to implement MI mostly on “proprietary investigation” (29% respondents). It was revealed that the major areas of MI implementation for such companies are “motivation” and “effective communication”, which are part of the “soft managerial practices”. Finally, the results of the study showed that in the majority of companies operating in the Russian market, the implementations of MI are made occasionally, without a systematic approach (39% respondents).

scholarly journals Conceptualizing from the Inside: Advantages, Complications, and Demands on Insider Positionality

2015 ◽  
Author(s):  
Christina Chavez
Keyword(s):  
Qualitative Research ◽  
Social Justice ◽  
Mexican American ◽  
Indigenous Communities ◽  
American Family ◽  
New Approach ◽  
Mexican American Family ◽  
Insider Research

The debate on insider/outsider positionality has raised issues about the methodological advantages and liabilities between the two, yet no clear account exists for what insider scholars can expect when they enter the field. First, I conceptualize how insider positionality can dually benefit and disadvantage the insider. Using a partial review of insider studies, including my study of my multigenerational Mexican American family, I also present a practical discussion on specific insider advantages and complications. In conclusion, I present a new approach to training novice insider scholars that will help them mediate between insider perspective and researcher position, an approach that promises greater rigor to insider research that will serve the goals of qualitative research for social justice in minority and indigenous communities.

scholarly journals An Insider Data Leakage Detection Using One-Hot Encoding, Synthetic Minority Oversampling and Machine Learning Techniques

Entropy ◽  
2021 ◽  
Vol 23 (10) ◽  
pp. 1258
Author(s):  
Taher Al-Shehari ◽  
Rakan A. Alsowail
Keyword(s):  
Machine Learning ◽  
Detection System ◽  
Machine Learning Algorithms ◽  
Machine Learning Techniques ◽  
Sensitive Period ◽  
Insider Threat ◽  
Leakage Detection ◽  
Insider Threats ◽  
Insider Attack ◽  
Proposed Model

Insider threats are malicious acts that can be carried out by an authorized employee within an organization. Insider threats represent a major cybersecurity challenge for private and public organizations, as an insider attack can cause extensive damage to organization assets much more than external attacks. Most existing approaches in the field of insider threat focused on detecting general insider attack scenarios. However, insider attacks can be carried out in different ways, and the most dangerous one is a data leakage attack that can be executed by a malicious insider before his/her leaving an organization. This paper proposes a machine learning-based model for detecting such serious insider threat incidents. The proposed model addresses the possible bias of detection results that can occur due to an inappropriate encoding process by employing the feature scaling and one-hot encoding techniques. Furthermore, the imbalance issue of the utilized dataset is also addressed utilizing the synthetic minority oversampling technique (SMOTE). Well known machine learning algorithms are employed to detect the most accurate classifier that can detect data leakage events executed by malicious insiders during the sensitive period before they leave an organization. We provide a proof of concept for our model by applying it on CMU-CERT Insider Threat Dataset and comparing its performance with the ground truth. The experimental results show that our model detects insider data leakage events with an AUC-ROC value of 0.99, outperforming the existing approaches that are validated on the same dataset. The proposed model provides effective methods to address possible bias and class imbalance issues for the aim of devising an effective insider data leakage detection system.

scholarly journals Putting resilient sustainability into strategy decisions – case studies

2018 ◽  
Vol 56 (7) ◽  
pp. 1598-1612 ◽  
Author(s):  
Julie Winnard ◽  
Jacquetta Lee ◽  
David Skipp
Keyword(s):  
Case Studies ◽  
Real World ◽  
Design Methodology ◽  
Strategic Decision ◽  
New Approach ◽  
Content Type ◽  
Industrial Companies ◽  
Different Types ◽  
Strategic Decision Support ◽  
Practical Implications

Purpose The purpose of this paper is to report the results of testing a new approach to strategic sustainability and resilience – Sustainable Resilient Strategic Decision-Support (SuReSDS™). Design/methodology/approach The approach was developed and tested using action-research case studies at industrial companies. It successfully allowed the participants to capture different types of value affected by their choices, optimise each strategy’s resilience against different future scenarios and compare the results to find a “best” option. Findings SuReSDS™ enabled a novel integration of environmental and social sustainability into strategy by considering significant risks or opportunities for an enhanced group of stakeholders. It assisted users to identify and manage risks from different kinds of sustainability-related uncertainty by applying resilience techniques. Users incorporated insights into real-world strategies. Research limitations/implications Since the case studies and test organisations are limited in number, generalisation from the results is difficult and requires further research. Practical implications The approach enables companies to utilise in-house and external experts more effectively to develop sustainable and resilient strategies. Originality/value The research described develops theories linking sustainability and resilience for organisations, particularly for strategy, to provide a new consistent, rigorous and flexible approach for applying these theories. The approach has been tested successfully and benefited real-world strategy decisions.

Sign in / Sign up

Export Citation Format

Share Document