Author: Jason W. Clark
Published in: 2016 11th International Conference on Availability, Reliability and Security (ARES)
Publication date: 2016-08-01
DOI: 10.1109/ARES.2016.78 (https://doi.org/10.1109/ARES.2016.78)
Citation count: 7
Source platform: Semanticscholar
Threat from Within: Case Studies of Insiders Who Committed Information Technology Sabotage
In this paper, we investigate insider information technology sabotage. After an analysis of over 1200 cases in our insider threat corpus, we identified 97 insider information technology sabotage cases that are found in public records. In all of our cases, the insider has pleaded guilty or was convicted in a courtroom. The majority of the cases are (United States) domestic. We begin by providing an introduction to the problem space. Next, we provide an abridged case summary for a sample of the cases. Based on all of the cases, we perform an analysis to answer the following research questions: 1) Who are the insiders that commit insider information technology sabotage? 2) What is the motivation behind the insider attacking? 3) What technical means were used to launch the attack? 4) How were the insiders caught? 5) What damage did they cause? 6) What sentence did the insider receive? Lastly, we describe our aggregated results and provide best practices to help mitigate the type of insider threat we describe.