Insider Detection Method in a Company
Anatoly Adamovich Kornienko1, Mark Aleksandrovich Polyanichko2
1Anatoly Adamovich Kornienko, Emperor Alexander I St. Petersburg State Transport University, Saint Petersburg, Russia.
2Mark Aleksandrovich Polyanichko*, Emperor Alexander I St. Petersburg State Transport University, Saint Petersburg, Russia.
Manuscript received on November 11, 2019. | Revised Manuscript received on December 15, 2019. | Manuscript published on December 30, 2019. | PP: 585-592 | Volume-9 Issue-2, December, 2019. | Retrieval Number: A1452109119/2019©BEIESP | DOI: 10.35940/ijeat.A1452.129219
Open Access | Ethics and Policies | Cite | Mendeley
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Managers often focus on external threats mainly due to the difficulties in evaluating the losses from the insider activities. The purpose of the study is to improve the efficient performance of an information security department and a company itself in counteracting insider threats by increasing the accuracy and rate of assessing the insider threat for each employee and ranking employees in accordance with the assessment of a summarized technical threat indicator. The authors morphologically analyze the features of insider activities in three sections and identify a promising area for combating the insiders – a prompt identification of unusual behavior signaling a breach of confidentiality. The paper describes an algorithm developed by the authors for assessing the insider threat for each employee of a company and ranking all employees by a summarized technical threat indicator. The steps to implement the algorithm are described in detail and a fuzzy derivation scheme of a summarized technical threat indicator is presented; an example is used to test the algorithm. The algorithm can be implemented as a part of a corporate information system. It is cheap to use and own, and it is rated as cost-efficient.
Keywords: Internal threats, insider, insider detection, risk management, linguistic variables.