TY - GEN
T1 - Scenario Intelligence
T2 - 24th International Arab Conference on Information Technology, ACIT 2023
AU - Alshehhi, Bashayer
AU - Khelalfa, Halim
AU - Yusof, Shafiz A.Mohd
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Academic researchers currently face a significant gap in validating anomaly detection algorithms due to the lack of real-life insider threat scenarios. It is well recognized that stimulating and developing scenarios is a way to overcome potential risks that could occur in the future. Identifying patterns between possible scenario outcomes is a strategy that acts proactively against insider threat attacks. This research study investigates real-life scenario patterns of insider attacks in different industries. It aims at identifying the attributes that play key roles in detecting anomalies in insider's behavior. To create a real-life scenario insider threat-based model, multiple interviews were conducted with participants across 5 industries in the Gulf Cooperation Council (GCC) countries. The industries examined include technology, communications, utilities, education, and finance. The results show correlations between different identified attributes and critical threat indicators. A scenario model is hence designed correlating to the results with vital classified indicators that can be applicable to any real-life environment. On this basis, the developed model enables researchers to customize real-life based insider threat scenarios to validate their algorithms effectively.
KW - Insider threats
KW - anomaly detection
KW - scenario development
KW - security
KW - user behavior analysis
UR - https://www.scopus.com/pages/publications/85189136619
U2 - 10.1109/ACIT58888.2023.10453889
DO - 10.1109/ACIT58888.2023.10453889
M3 - Conference contribution
AN - SCOPUS:85189136619
T3 - 2023 24th International Arab Conference on Information Technology, ACIT 2023
BT - 2023 24th International Arab Conference on Information Technology, ACIT 2023
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 6 December 2023 through 8 December 2023
ER -