Presentation on theme: "Towards A Theory Of Insider Threat Assessment Authors: Ramkumar Chinchani, Anusha Iyer Hung Q Ngo, Shambhu Upadhyaya International Conference on Dependable."— Presentation transcript:
Towards A Theory Of Insider Threat Assessment Authors: Ramkumar Chinchani, Anusha Iyer Hung Q Ngo, Shambhu Upadhyaya International Conference on Dependable Systems and Networks 2005 (DSN 2005), pp. 108 - 117, 2005 Present by : Zhongxia Ma Department of Computer Science University of Auckland
Summary Gives readers some background information about insider threat Introduces the authors’ model(key challenge graph) Uses key challenge graph to simulate the insider threat Analyses the possible insider attack strategies Compares and contrasts the key challenge graph with other relevant models
Appreciative Comment Paper gives enough background information about insider threat Explains what insider threats are, what damages the insider threats can cause, and why detect insider threats is hard. Readers get a very clear idea of what the paper is going to talk about. Readers also get some basic knowledge about insider threats. The words like “FBI/CSI” also attract readers’ attention.
Appreciative Comment T he key challenge graph model is good Easy to understand, easy to remember Widely used (simulate social engineering attacks) Compare with other relevant models, the key challenge graph is batter for the insider threat problem key Key Start vertex Target vertex Middle vertex Key challenge
Critical Comment Misleading terminology Key (here means information on a vertex not the cryptographic key) Key challenge, a authorization process. (key means an cryptographic key ) The key to the key challenge key Key Start vertex Target vertex Middle vertex key challenge
Question? If a student plan to hack into Clark's computer to change his grade from a lab computer, do you think he can success? key Key Start vertex Target vertex Middle vertex Key challenge