MITIGATION OF INSIDER CYBER SECURITY THREATS IN ORGANIZATIONS USING ELLIPTIC CURVE CRYPTOGRAPHY AND BEHAVIORAL ANALYSIS METHODOLOGY

Stephen Mwonga Musili, Dr. Tobias Mwalili

Abstract


The modern-day world is based on the use of cyberspace to run both corporate and individual daily chores. Given the several challenges brought about by insider threats, including those arising from hybrid or work-from-home (WFH) arrangements, this research explored the potential of harnessing a variety of threat indicators camouflaged in the operations of different organizations that connect to or interface with the information infrastructure, while enabling human analysts to make informed decisions efficiently and effectively. The behavioral approach is a method of detecting abnormal behavior by monitoring psychological and digital variations. It is widely accepted that a myriad of insider incidents go unreported (for fear of damage to the reputation of the company, for instance) or go unnoticed because the attacks simply avoid detection. As a solution to these challenges, we have developed a framework, which for the purposes of this work is a set of recommendations applicable in specific scenarios to reduce negative impact and to support understanding of unintentional as well as unknown insider threats. We have also suggested practical means to mitigate (detect, prevent and respond to) various threats, rooted in the lived experience of those who have fallen prey to the dynamic enigma of insider threats. With this hybrid of the two approaches, we have managed to address 69% of the insider threats from organizations. We acknowledge that several previously proposed approaches, such as the two-factor authentication scheme for addressing insider threats, have limitations such as the stolen-verifier attack and the denial-of-service attack. To enhance security, we present a secure and reliable three-factor authentication scheme using elliptic curve cryptography (ECC). Its merit is that the user needs to register only once to access multiple servers with a public and private key pair, and the registration center is offline during the authentication phase. Security analysis demonstrates that our scheme is immune to known attacks and provides user friendliness as well as efficiency due to smaller key sizes. Finally, performance comparisons indicate that our scheme has better security attributes and low computing and communication overheads, and it is more applicable in the current digital ecosystem.

Key Words: Insider Cyber Security Threats, elliptic curve cryptography, behavioral analysis methodology



