ebook img

Insider Threats Meet Access Control: Insider Threats Detected Using Intent-based Access Control (IBAC) PDF

206 Pages·2018·8.34 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Insider Threats Meet Access Control: Insider Threats Detected Using Intent-based Access Control (IBAC)

Insider Threats Meet Access Control Abdulaziz Almehmadi, PhD Copyright © 2016 Abdulaziz Almehmadi All rights reserved. ISBN-10: 1983529184 ISBN-13: 978-1983529184 DEDICATION To my mother. To my wife. Abstract Existing access control mechanisms are based on the concepts of identity enrollment and recognition, and assume that recognized identity is synonymous with ethical actions. However, statistics over the years show that the most severe security breaches have been the results of trusted, authorized, and identified users who turned into malicious insiders. Therefore, demand exists for designing prevention mechanisms. A non-identity-based authentication measure that is based on the intent of the access request might serve that demand. In this book, we test the possibility of detecting intention of access using involuntary electroencephalogram (EEG) reactions to visual stimuli. This method takes advantage of the robustness of the Concealed Information Test to detect intentions. Next, we test the possibility of detecting motivation of access, as motivation level corresponds directly to the likelihood of intent execution level. Subsequently, we propose and design Intent-based Access Control (IBAC), a non-identity-based access control system that assesses the risk associated with the detected intentions and motivation levels. We then study the potential of IBAC in denying access to authorized individuals who have malicious plans to commit maleficent acts. Based on the access risk and the accepted threshold established by the asset owners, the system decides whether to grant or deny access requests. We assessed the intent detection component of the IBAC system using experiments on 30 participants and achieved accuracy of 100% using Nearest Neighbor and SVM classifiers. Further, we assessed the motivation detection component of the IBAC system. Results show different levels of motivation between hesitation-based vs. motivation-based intentions. Finally, the potential of IBAC in preventing insider threats by calculating the risk of access using intentions and motivation levels as per the experiments shows access risk that is different between unmotivated and motivated groups. These results demonstrate the potential of IBAC in detecting and preventing malicious insiders. Keywords Non-Identity-Based Access Control, Intent-Based Access Control, Malicious Insider, Insider Threat, Intention Detection, Motivation Detection, Electroencephalogram, EEG, Event-Related Potential, EEP, P300, Concealed Information Test, CIT, BCI.. Table of Contents ABSTRACT TABLE OF CONTENTS CHAPTER 1. INTRODUCTION 1.1 O 1.2 P S 1.3 M 1.4 P VERVIEW ROBLEM TATEMENT OTIVATION ROPOSAL 1.4.1 Hypotheses 1.5 C 1.6 O B ONTRIBUTIONS RGANIZATION OF THE OOK CHAPTER 2. INSIDER THREATS AND ACCESS CONTROL LITERATURE REVIEW 2.1 T I T 2.1.1 Overview HE NSIDER HREAT 2.1.2 Insider Threat Profiles 2.1.3 Insider Threat Impact 2.1.4 Insider Threats Prevention Best Practices 2.1.5 Existing Solutions to the Insider Threat and Their Limitations 2.2 I - DENTITY BASED A C 2.3 I M D 2.3.1 CCESS ONTROL NTENTION AND OTIVATION ETECTION Intention Detection 2.3.2 Motivation Detection 2.4 B -C I (BCI) 2.4.1 Electroencephalogram RAIN OMPUTER NTERFACE (EEG) Robustness in Patterns of Individual Differences and Similarities 2.4.2 Event-Related Potential (ERP) 2.4.3 Concealed Information Test (CIT) Using P300-based ERP 2.5 C CHAPTER 3. RESEARCH OBJECTIVES AND ONCLUSION METHODOLOGY 3.1 O 3.2 R O 3.3 M 3.3.1 VERVIEW ESEARCH BJECTIVES ETHODOLOGY Intention Detection 3.3.2 Motivation Detection 3.3.3 Intent-based Access Control (IBAC) Design 3.3.4 Potential of IBAC in Preventing Insider Threats CHAPTER 4. EXPERIMENTAL DESIGN TO DETERMINE THE POTENTIAL OF IBAC 4.1 O 4.1.1 Initial Experiments 4.1.2 Preliminary Results VERVIEW 4.2 E 4.2.1 Experiment 1 Design: General Intent and XPERIMENTS Motivation Detection with an Expectation of Intention Not to Be Executed (Hesitation-based). 4.2.2 Experiment 2 Design: Mimicking an Insider Threat of Viewing High-Level Secure Files with an Expectation of intention being executed (Motivation-based). CHAPTER 5. DATA ANALYSIS, RESULTS AND DISCUSSION 5.1 O 5.2 D A R 5.2.1 P300 as an VERVIEW ATA NALYSIS AND ESULTS Intention Detection Measure (Objective 1) 5.2.2 P300 Amplitude as a Motivation Measure (Objective 2) 5.2.3 IBAC System Assessment (Objective 3) 5.2.4 The Potential of IBAC in Preventing Insider Threats (Objective 4) 5.2.5 Summary of Findings 5.3 D 5.3.1 IBAC Usability ISCUSSION 5.3.2 IBAC Acceptability (User’s Perspective) 5.3.3 IBAC Privacy Issues 5.3.4 IBAC Deployment 5.3.5 IBAC Challenges and Limitations 5.3.6 IBAC Implications 5.3.7 IBAC Advantages CHAPTER 6. FUTURE WORK 6.1 Intention Detection 6.2 Motivation Detection 6.3 IBAC Improvement 6.4 Non-Identity-based Access Control 6.5 Other Research Areas CHAPTER 7. CONCLUSIONS APPENDIX 1: EXPERIMENTS PSEUDO CODE APPENDIX 2: LIST OF PUBLICATIONS BIBLIOGRAPHY ACKNOWLEDGMENTS I would like to express my deepest and sincere gratitude to Dr. Khalil El-Khatib for his enlightening guidance, motivation, and vast knowledge and for the continuous support. I would like to thank my family: my wife, my son, my daughter, my parents, my brother and sisters for supporting me spiritually throughout writing this book.

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.