Marianthi Theoharidou
Athens University of Economics and Business
Publications
Featured research published by Marianthi Theoharidou.
Computers & Security | 2005
Marianthi Theoharidou; Spyros Kokolakis; Maria Karyda; Evangelos A. Kiountouzis
Insider threat is widely recognised as an issue of utmost importance for IS security management. In this paper, we investigate the approach followed by ISO17799, the dominant standard in IS security management, in addressing this type of threat. We unfold the criminology theory that underpins the measures against insider misuse suggested by the standard, i.e. the General Deterrence Theory, and explore the possible enhancements to the standard that could result from the study of more recent criminology theories. The paper concludes by supporting the argument for a multiparadigm and multidisciplinary approach towards IS security management and insider threat mitigation.
Trust and Privacy in Digital Business | 2010
Miltiadis Kandias; Alexios Mylonas; Nikos Virvilis; Marianthi Theoharidou; Dimitris Gritzalis
Information systems face several security threats, some of which originate from insiders. This paper presents a novel, interdisciplinary insider threat prediction model. It combines approaches, techniques, and tools from computer science and psychology. It utilizes real-time monitoring, capturing each user's technological trait in an information system and analyzing it for misbehavior. In parallel, the model uses data from psychometric tests, so as to assess for each user the predisposition to malicious acts and the stress level, which is an enabler for the user to overcome his moral inhibitions, under the condition that the collection of such data complies with the legal framework. The model combines the above-mentioned information, categorizes users, and identifies those that require additional monitoring, as they can potentially be dangerous for the information system and the organization.
Information Security Conference | 2012
Marianthi Theoharidou; Alexios Mylonas; Dimitris Gritzalis
Smartphones are multi-purpose ubiquitous devices, which face both smartphone-specific and typical security threats. This paper describes a method for risk assessment that is tailored for smartphones. The method does not treat this kind of device as a single entity. Instead, it identifies smartphone assets and provides a detailed list of specific applicable threats. For threats that use application permissions as the attack vector, risk triplets are used. The triplets associate assets with threats and permission combinations. Then, risk is assessed as a combination of asset impact and threat likelihood. The method utilizes user input, with respect to impact valuation, coupled with statistics for threat likelihood calculation. Finally, the paper provides a case study, which demonstrates the risk assessment method on the Android platform.
International Journal of Risk Assessment and Management | 2011
Marianthi Theoharidou; Panayiotis Kotzanikolaou; Dimitris Gritzalis
Assessing risk in interdependent infrastructures is a challenging topic due to its complexity and the nature of critical infrastructures. This paper describes a methodology for assessing the risk of an infrastructure or a sector, taking into account the presence of interdependencies between infrastructures and sectors. Although the proposed methodology is compatible with current information systems practices, our approach focuses on the consequences to the society and not on the infrastructure itself. The methodology is accompanied by a comprehensive case example.
IEEE Symposium on Security and Privacy | 2007
Marianthi Theoharidou; Dimitris Gritzalis
The need for skilled information security professionals has led various academic, governmental, and industrial organizations to work to develop a common body of knowledge (CBK) for the security domain. A CBK is a framework and collection of information that provides a basis for understanding terms and concepts in a particular knowledge area. It defines the basic information that people who work in that area are expected to know. The International Information Systems Security Certification Consortium ((ISC)²; www.isc2.org) defines a CBK as a taxonomy of topics relevant to professionals around the world. Information security is a multidisciplinary endeavor. In practice, professionals need knowledge and experience from fields such as management, business administration, ethics, sociology, and political science. Yet, existing CBKs focus on specific information security subdomains and thus offer limited understanding and narrow perceptions of the overall domain. Our aim is to identify and define an InfoSec CBK to serve as a tool for developing an information security curriculum.
International Journal of Critical Infrastructures | 2013
Panayiotis Kotzanikolaou; Marianthi Theoharidou; Dimitris Gritzalis
The protection of critical infrastructures (CI) is a complex task, since it involves the assessment of both internal and external security risk. In the recent literature, methodologies have been proposed that can be used to identify organisation-wise security threats, or even first-order dependency risk (i.e., risk deriving from direct dependencies). However, there is a lack of work in the area of multi-order dependencies, i.e., assessing the cumulative effects of a single incident, on infrastructures that are connected indirectly. In this paper, we propose a method to identify and assess multi-order dependencies. Based on previous work, we utilise existing first-order dependency graphs, in order to assess the effect of a disruption to consequent infrastructures. In this way, it may be possible to identify and prevent security threats of very high impact from a macroscopic view, which would be hard to identify if we only examine first-order dependencies. We also present a scenario, which provides some evidence on the applicability of the proposed approach.
International Conference on Computer Communications and Networks | 2007
Giannis F. Marias; Stelios Dritsas; Marianthi Theoharidou; John Mallios; Dimitris Gritzalis
Although VoIP provides new ways of communication, at the same time it offers new possibilities for transmitting bulk unsolicited messages and calls, enabling spam over internet telephony (SPIT). The prevailing VoIP protocol is SIP, which is vulnerable to threats that allow SPIT to be deployed. In this paper we assess the risk of identified threats and vulnerabilities of the SIP protocol. Then, we conduct an analytical survey of already proposed anti-SPIT techniques and evaluate their effectiveness, in terms of how they deal with these threats and vulnerabilities. Finally, we complete our evaluation by presenting a theoretical evaluation framework, based on additional qualitative and quantitative criteria.
Critical Information Infrastructures Security | 2011
Panayiotis Kotzanikolaou; Marianthi Theoharidou; Dimitris Gritzalis
One of the most challenging problems, when protecting critical infrastructures, is the identification and assessment of interdependencies. In this paper we examine the possible cumulative effects of a single security incident on multiple infrastructures. Our method provides a way to identify threats that may appear insignificant when examining only first-order dependencies, but may have potentially significant impact if one adopts a more macroscopic view and assesses multi-order dependencies. Based on previous work, we utilize existing first-order dependency graphs, in order to assess the effect of a disruption to consequent infrastructures.
International Conference on Testing Software and Systems | 2013
Alexios Mylonas; Marianthi Theoharidou; Dimitris Gritzalis
The increasing presence of privacy-violating apps in app marketplaces poses a significant privacy risk for smartphone users. Current approaches to assessing privacy risk lack user input, assuming that the value of each smartphone sub-asset (e.g. contact list, usage history) is perceived similarly across users. Thus, per-user privacy risk assessment is not achievable. This paper refines our previous work on smartphone risk assessment by proposing an approach for assessing the privacy risk of Android users. Its cornerstone is impact valuation from users, as well as their usage profiles, which enables assessment of per-user risk. Threat likelihood is assessed based on the presence of specific permission combinations, which we consider vulnerabilities that enable privacy threat scenarios. These permission combinations correspond to users' app profiles, i.e. to the app categories of Google Play that each user regularly visits. Finally, the proposed method is demonstrated through a case study.
International Conference on Critical Infrastructure Protection | 2013
Panayiotis Kotzanikolaou; Marianthi Theoharidou; Dimitris Gritzalis
One of the most challenging problems in critical infrastructure protection is the assessment and mitigation of cascading failures across infrastructures. In previous research, we have proposed a model for assessing the cumulative security risk of cascading threats due to high-order dependencies between infrastructures. However, recent empirical studies indicate that common-cause failures may result in extremely high impact situations, which may be comparable with or even more devastating than the cascading effects of high-order dependencies. This paper presents an extension to our model, which permits the assessment of the risk arising from complex situations involving multiple cascading failures triggered by major or concurrent common-cause events. The paper also discusses a realistic scenario that is used as a test case for the model extension.