Trust enhanced security architecture for detecting insider threats

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contribution

1 Citation (Scopus)

Abstract

Attacks on the organization networks can be classified as external and internal attacks. For the purpose of this paper we consider that external attacks are generated by the attackers or from hosts outside the organization, and internal attacks are generated by malicious insiders within the organization. Insider attacks have always been challenging to deal with as insiders have legitimate and physical access to the systems within the organization, and they have knowledge of the organization networks and more importantly, are aware of the security environment enforced within the organization. In this paper we propose novel trust enhanced security techniques to deal with the insider attack problem. Our architecture detects the attacks by monitoring the user activity as well as the state of the system using trusted computing in exposing and analyzing suspicious behaviour. We will demonstrate how an insider can exploit the weakness in the systems to generate different attacks and how our architecture can help to prevent such attacks.

Original languageEnglish
Title of host publicationProceedings
Subtitle of host publication12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2013, 11th IEEE International Symposium on Parallel and Distributed Processing with Applications, ISPA-13, 12th IEEE International Conference on Ubiquitous Computing and Communications, IUCC-2013, 16-18 July 2013, Melbourne, Victoria, Australia
Place of PublicationPiscataway, NJ
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages552-559
Number of pages8
ISBN (Print)9780769550220
DOIs
Publication statusPublished - 2013
Event12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2013 - Melbourne, VIC, Australia
Duration: 16 Jul 201318 Jul 2013

Other

Other12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2013
CountryAustralia
CityMelbourne, VIC
Period16/07/1318/07/13

Fingerprint Dive into the research topics of 'Trust enhanced security architecture for detecting insider threats'. Together they form a unique fingerprint.

  • Cite this

    Tupakula, U., & Varadharajan, V. (2013). Trust enhanced security architecture for detecting insider threats. In Proceedings: 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2013, 11th IEEE International Symposium on Parallel and Distributed Processing with Applications, ISPA-13, 12th IEEE International Conference on Ubiquitous Computing and Communications, IUCC-2013, 16-18 July 2013, Melbourne, Victoria, Australia (pp. 552-559). [6680886] Piscataway, NJ: Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/TrustCom.2013.8