A Proposal for the Definition of Insider (Threat) and Mitigation for the Korea Military Environment
|
|
Won, Kyung-Su
(Center for Information Security Technologies(CIST), Korea University)
Kim, Seung-Joo (Center for Information Security Technologies(CIST), Korea University) |
| 1 | Kyungroul Lee, Sun-Young Lee, and Kangbin Yim, "Classification and Analysis of Security Threats in the Infrastructure," The Journal of Korean Institute of Communications and Information Sciences 43(3), pp. 572-579, Mar. 2018. DOI |
| 2 | Jung Joo Bae, Jeong-Dong Kim, Young-Duk Seo, and Doo-Kwon Baik, "Definition and Implementation of an Ontology Based Schema for Interoperability of Common Operational Pictures in a Battle Management System," Journal of KIISE : Database 40(1), pp. 62-78, Feb. 2013. |
| 3 | Park Hyun Jae, "Report(A Study on the Improvement and Development of the Naval Command Control System)," Ministry of National Defense(www.prism.go.kr), Dec. 2012. |
| 4 | Army Tactical C4I Development Team, Top 100 Questions 100 Answers to Ground Tactical C4I System, National Library of Korea(print dept in army), daejon, 172, 2005. |
| 5 | NIST, "Insider", https://csrc.nist.gov/csrc/media/publications/conference-paper/1998/10/08/proceedings-of-the-21st-nissc-1998/documents/early-cs-papers/ande80.pdf, Jan. 2019 |
| 6 | Kim Jong-Ki and Oh Da-Woon, "A Study on Security Policy Violations of Organization Members," Informatization policy 25(3), pp. 95-115 , Sep. 2018. DOI |
| 7 | Carnegie Mellon Univ.sei, "Insider Threat", https://resources.sei.cmu.edu/asset_files/TechnicalReport/2019_005_001_540647.pdf, Feb. 2019. |
| 8 | Gu Samuel and Kim Seul-ki, "A Study on The Security Vulnerabilities in Self Protection of Anti Viruses," https://agz.es, Sep. 2011. |
| 9 | Lee Dong-hoon, "Defense IT Convergence Technology for Improved Interoperability of Weapon System-Non-Weapon Systems," 2012 Defense IT Convergence Support Center Result Report Appendix 2, Apr. 2013. |
| 10 | Hyeon Jo, Kiho Kwak, Soung-Hie Kim, and Byung-Chun Kim, "A Study on Defense IT Governance and Principle Establishment," Journal of Advanced Information Technology and Convergence (JAITC) 10(9), pp. 153-162, Sep. 2012. |
| 11 | Choi Kwang-Bok, "A Study on the Analysis of Defense Information Protection Environment and the Research Direction of Security Management Model for Cyber Warfare Response," Review of KIISC21(6), pp. 6-14, Oct. 2011. |
| 12 | Jung Jong and Joongeup Kye, "Aspect a Future War and Development Direction of Weapon-system," The 8th Conference on National Defense Technology, pp. 306-318, Jul. 2012. |
| 13 | Kwon Oh Hun, Lee Myoung Hun, and Lee Jae Woo, Chae-ho Lim, "Real-Time Security Management System for Defense Network," Review of KIISC 23(6), pp. 54-66, Dec. 2013. |
| 14 | U.S. Department of Defense, "CYBER STRATEGY", https://media.defense.gov/2018/Sep/18/2002041658/-1/-1/1/CYBER_STRATEGY_SUMMARY_FINAL.PDF, Feb. 2019. |
| 15 | Chief Information Officer, "Environment", https://dodcio.defense.gov/Portals/0/Documents/JIE/DoD%20IT%20Environment%20Way%20Forward-%20DISTRO(Aug%202016).pdf, Feb. 2019. |
| 16 | Chief Information Officer, "Environment", https://dodcio.defense.gov/Portals/0/Documents/Announcement/Signed_ITESR_6SEP11.pdf, Feb. 2019. |
| 17 | Critical Infrastructure Resilience institute, "Cyber Warfare", https://ciri.illinois.edu/sites/default/file%20s/2018.2.27._Cyber%20Warfare.pdf, Feb. 2019. |
| 18 | Army college, C4I system, National Library of Korea(print dept in army), daejeon, 202, 2008 |
| 19 | W Cornelissen, "Investigating insider threats:problems and solutions," Master thesis, essay.utwente.nl-, May. 2009. |
| 20 | Lee Ho Kyun, "National Defense Command and Control System (C4I) Development Trends," National defense and technology(429), pp. 58-71, Nov. 2014. |
| 21 | Bishop, M., "Panel: the insider problem revisited," In Proceedings of the 2005 workshop on New security paradigms (Lake Arrowhead, USA), pp. 75-76, Jan. 2005. |
| 22 | Butts, J.W., Mills, R.F. and Baldwin, R.O., "Developing an insider threat model using functional decomposition In Proceedings of the Third international workshop on mathematical methods," models, and architectures for computer network security (St. Petersburg, Russia, September 25-27), pp. 412-417, Sep. 2005. |
| 23 | Ivan Homoliak, Falvio Toffalini, Juan Guarnizo, Yuval Elovicl and Martin Ochoa, "Insight into Insiders and IT:A Survey of Insider Threat Taxonomies, Analysis, Modeling, and Countermeasures," ACM Computing Surveys, vol. 52, no. 30, May. 2019. |
| 24 | Hong Byung-jin and Lee Soo-jin, "Designing of The Enterprise Insider-Threats Management System Based on Tasks and Activity Patterns," Journal of Information and Security 15(6), pp. 3-10, Oct. 2015. |
| 25 | Young-geun Kim and Jinyoung Choi, "A Study on the Korean company's rediness against to Insider Threat," Communications of the Korean Institute of Information Scientists and Engineers 2017, pp. 1,087-1,089, Jun. 2017. |
| 26 | Observeit, "Insider Threat", http://pages.observeit.com/rs/248-SYG-803/images/ObserveIT-Insider-Threat-Management-Library-v7.0.0.pdf, Jan. 2019. |
| 27 | Defense Technical Information Center, "Insider Threat", https://apps.dtic.mil/dtic/tr/fulltext/u2/a391380.pdf, Jan. 2019. |
| 28 | U.S.Army Cyber Command, "Insider Threat", https://8tharmy.korea.army.mil/site/assets/doc/resource/information-assurance/ARCYBER-fact-sheet-Insider-Threats(2Sep2015).pdf, Jan. 2019. |
| 29 | Predd, J. et al., "Insider behaving badly", IEEE security and privacy 6(4), pp. 66-70, Jul. 2008. DOI |
| 30 | Carroll, M.D., "Information security: examing and managing the insider threat," In Proceedings of the 3rd annual conference on Information security curriculum development, Kennesaw, Georgia (USA), Sep. 2006. |
| 31 | Schultz, E. E., "A framework for understanding and predicting insider attacks", Computers and Security 21(6), pp. 526-531, Oct. 2002. DOI |
| 32 | Brackney, R.C. and Anderson, R.H., "Understanding the insider threat," In Proceedings of a March 2004 Workshop (March 2-4, 2004, Rockville, MD, USA), Mar. 2004. |
| 33 | Wood, B., "An insider threat model for adversary simulation," In proceedings of the conference on Research on Mitigating the Insider Threat to Information Systems #2 (Arlington, USA), Appendix B, pp. 41-48, Aug. 2000. |
| 34 | Magklaras, G.B. and Furnell, S.M., "Insider threat prediction tool: evaluating the probability of IT misuse," Computers & Security 21(1), pp. 62-73, Jan. 2002. DOI |
| 35 | Carnegie Mellon Univ.sei, "Insider Threat", https://insights.sei.cmu.edu/insider-threat/2017/03/cert-definition-of-insider-threat---updated.html, Jan. 2019. |
| 36 | Brian M. Bowen, Malek Ben Salem, Shlomo Hershkop, Angelos D. Keromytis, and Salvatore J. Stolfo, "Designing Host and Network Sensors to Mitigate the Insider Threat," In IEEE Security & Privacy Magazine, vol. 7, No. 6, pp. 22-29, Nov./Dec. 2009 |
| 37 | exabeam, "Insider Threats", www.exabeam.com/ueba/insider-threats, Jan. 2019. |
| 38 | N. Nostro, A. Ceccarelli, A. Bondavalli, and F. Brancati, "Insider threat assessment: A model-based methodology," SIGOPS Oper. Syst. Rev., vol. 48, no. 2, pp. 3-12, Dec. 2014. DOI |
| 39 | Anderson, R.H. et al., "Research on mitigating the insider threat to information systems," In Proceedings of a Workshop Held August 2000, Aug. 2000. |
| 40 | Neumann, P.G., "The challenges of insider misuse," SRI Computer Science Laboratory, Paper prepared for the Workshop on Preventing, Detecting, and Responding to Malicious Insider Misuse, 16-18 August 1999, at RAND, Santa Monica, CA, Aug. 1999. |
| 41 | Microsoft, "Modeling", https://www.microsoft.com/en-us/download/details.aspx?id=49168, Jan. 2019. |
 |
Korea Institute of Science and Technology Information
Gwahangno, Yuseong-gu, Daejeon, 305-806, Korea TEL : +82-42-869-1752
Copyright (c) 2009 KISTI. All Rights Reserved. For more information mail to
webmaster
