Home > Publications
Home University of Twente
Prospective Students
Intranet (internal)

EEMCS EPrints Service

9615 Defense against Insider Threat: a Framework for Gathering Goal-based Requirements
Home Policy Brochure Browse Search User Area Contact Help

Nunes Leal Franqueira, V. and van Eck, P.A.T. (2006) Defense against Insider Threat: a Framework for Gathering Goal-based Requirements. Technical Report TR-CTIT-06-75, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625

This is the latest version of this eprint.

Full text available as:


498 Kb
Open Access

Exported to Metis


Insider threat is becoming comparable to outsider threat in frequency of security events. This is a very worrying situation, as insider attacks have a high probability of success because insiders have authorized access and legitimate privileges. As a result, organizations can suffer financial losses and damage to assets and to reputation. Despite their importance, insider threats are still not properly addressed by organizations. We contribute to reverse this situation by introducing a framework composed of a method and of supporting awareness deliverables. The method organizes the identification and assessment of insider threat risks from the perspective of the organization goal(s)/business mission. This method is supported by three deliverables. First, by attack strategies structured in four decomposition trees. Second, by a pattern of insider attack which reduces an insider attack step to six possible scenarios. Third, by a list of defense strategies which helps on the elicitation of requirements. The output of the method consists of goal-based requirements for the defense against insiders. Attack and defense strategies are collected from the literature and from organizational control principles.

Item Type:Internal Report (Technical Report)
Research Group:EWI-IS: Information Systems
Research Program:CTIT-ISTRICE: Integrated Security and Privacy in a Networked World
Research Project:IPID: Integrated Policy-based Intrusion Detection
ID Code:9615
Deposited On:06 April 2007
More Information:statisticsmetis

Available Versions of this Item

  • Defense against Insider Threat: a Framework for Gathering Goal-based Requirements (deposited 06 April 2007)
    [Currently Displayed]

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item