Skip to Main content Skip to Navigation
Conference papers

Catching Inside Attackers: Balancing Forensic Detectability and Privacy of Employees

Abstract : IT departments of organisations go to great lengths to protect their IT infrastructure from external attackers. However, internal attacks also pose a large threat to organisations. Despite detection and prevention of insider attacks being an active field of research, so far such techniques are rarely being deployed in practice. This paper outlines the state of the art in the field and identifies open research problems in the area. The lack of unified definitions and publicly available datasets for evaluation is detrimental to the comparability of published results in the field and hinders the continual improvement of technology. Another important problem is that of data protection: On the one hand, the data captured for insider attack detection could also be used for surveillance of employees, so it should be anonymised. On the other hand, anonymisation may make some attacks undetectable, leading to a trade-off between detectability of attacks and privacy.
Document type :
Conference papers
Complete list of metadata

Cited literature [29 references]  Display  Hide  Download

https://hal.inria.fr/hal-01445792
Contributor : Hal Ifip <>
Submitted on : Wednesday, January 25, 2017 - 12:41:34 PM
Last modification on : Wednesday, January 25, 2017 - 12:47:06 PM
Long-term archiving on: : Wednesday, April 26, 2017 - 3:16:27 PM

File

416270_1_En_4_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Ephraim Zimmer, Jens Lindemann, Dominik Herrmann, Hannes Federrath. Catching Inside Attackers: Balancing Forensic Detectability and Privacy of Employees. International Workshop on Open Problems in Network Security (iNetSec), Oct 2015, Zurich, Switzerland. pp.43-55, ⟨10.1007/978-3-319-39028-4_4⟩. ⟨hal-01445792⟩

Share

Metrics

Record views

145

Files downloads

240