A Predictive Model of Insider Threat Based on Bayesian Network
DOI:
https://doi.org/10.3991/ijoe.v9iS4.2660Abstract
At present, development of science and technology accelerates the society-informationization, many enterprises follow the trend of era to build internal network for convenient communication, but the increasing network security incidents cause a new understanding about the importance of internal network. The predictive model of insider threat based on Bayesian network is put forward in this paper. In the model, insider behaviors in the process of operation are considered as research objects, resource and intrusion evidence for operation sequence are seen as nodes, and then the network attack graph of Bayesian network is established. The concept of meta-operation, atomic attack and intrusion evidence are put forward in the graph. The node variable, its value and the conditional probability distribution of network attack graph are defined. Based on Bayesian network approximate inference, the improved likelihood weighted algorithm is presented to calculate the parameter and to quantify the insider threat. According to the simulation experiment data analysis, this approach is fast, simple and accurate, and plays an effective role in the process of insider threat prediction and evaluation.
Downloads
Published
How to Cite
Issue
Section
License
The submitting author warrants that the submission is original and that she/he is the author of the submission together with the named co-authors; to the extend the submission incorporates text passages, figures, data or other material from the work of others, the submitting author has obtained any necessary permission.
Articles in this journal are published under the Creative Commons Attribution Licence (CC-BY What does this mean?). This is to get more legal certainty about what readers can do with published articles, and thus a wider dissemination and archiving, which in turn makes publishing with this journal more valuable for you, the authors.
By submitting an article the author grants to this journal the non-exclusive right to publish it. The author retains the copyright and the publishing rights for his article without any restrictions.