Misuseablity analysis for IT infrastructure

Asaf Shabtai; Yuval Elovici

doi:https://doi.org/10.1145/2660267.2662385

Misuseablity analysis for IT infrastructure

Asaf Shabtai, Yuval Elovici

Department of Software and Information Systems Engineering

Ben-Gurion University of the Negev

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Today, organizations have limited resources available to allocate to the detection of complex cyber-attacks. In order to optimize their resource allocation, organizations must conduct a thorough risk analysis process so as to focus their efforts and resources on the protection of the organization's important assets. In this study we propose a framework that automatically and dynamically derives a misuseability score for every IT component (e.g., PC, laptop, server, router, smartphone, and user). The misuseability score encapsulates the potential damage that can be caused to the organization when its assets are compromised and misused. Copyright is held by the owner/author(s).

Original language	English
Title of host publication	Proceedings of the ACM Conference on Computer and Communications Security
Pages	1496-1498
Number of pages	3
DOIs	https://doi.org/10.1145/2660267.2662385
State	Published - 3 Nov 2014
Event	21st ACM Conference on Computer and Communications Security, CCS 2014 - Scottsdale, United States Duration: 3 Nov 2014 → 7 Nov 2014

Publication series

Name	Proceedings of the ACM Conference on Computer and Communications Security

Conference

Conference	21st ACM Conference on Computer and Communications Security, CCS 2014
Country/Territory	United States
City	Scottsdale
Period	3/11/14 → 7/11/14

Keywords

Insider threat
Misuseability score
Risk analysis
Security

All Science Journal Classification (ASJC) codes

Software
Computer Networks and Communications

Access to Document

https://doi.org/10.1145/2660267.2662385

Cite this

@inproceedings{500e5002bc794a6dad9901c5c0112b0a,

title = "Misuseablity analysis for IT infrastructure",

abstract = "Today, organizations have limited resources available to allocate to the detection of complex cyber-attacks. In order to optimize their resource allocation, organizations must conduct a thorough risk analysis process so as to focus their efforts and resources on the protection of the organization's important assets. In this study we propose a framework that automatically and dynamically derives a misuseability score for every IT component (e.g., PC, laptop, server, router, smartphone, and user). The misuseability score encapsulates the potential damage that can be caused to the organization when its assets are compromised and misused. Copyright is held by the owner/author(s).",

keywords = "Insider threat, Misuseability score, Risk analysis, Security",

author = "Asaf Shabtai and Yuval Elovici",

year = "2014",

month = nov,

day = "3",

doi = "https://doi.org/10.1145/2660267.2662385",

language = "English",

isbn = "9781450329576",

series = "Proceedings of the ACM Conference on Computer and Communications Security",

pages = "1496--1498",

booktitle = "Proceedings of the ACM Conference on Computer and Communications Security",

note = "21st ACM Conference on Computer and Communications Security, CCS 2014 ; Conference date: 03-11-2014 Through 07-11-2014",

}

Shabtai, A & Elovici, Y 2014, Misuseablity analysis for IT infrastructure. in Proceedings of the ACM Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, pp. 1496-1498, 21st ACM Conference on Computer and Communications Security, CCS 2014, Scottsdale, United States, 3/11/14. https://doi.org/10.1145/2660267.2662385

TY - GEN

T1 - Misuseablity analysis for IT infrastructure

AU - Shabtai, Asaf

AU - Elovici, Yuval

PY - 2014/11/3

Y1 - 2014/11/3

N2 - Today, organizations have limited resources available to allocate to the detection of complex cyber-attacks. In order to optimize their resource allocation, organizations must conduct a thorough risk analysis process so as to focus their efforts and resources on the protection of the organization's important assets. In this study we propose a framework that automatically and dynamically derives a misuseability score for every IT component (e.g., PC, laptop, server, router, smartphone, and user). The misuseability score encapsulates the potential damage that can be caused to the organization when its assets are compromised and misused. Copyright is held by the owner/author(s).

AB - Today, organizations have limited resources available to allocate to the detection of complex cyber-attacks. In order to optimize their resource allocation, organizations must conduct a thorough risk analysis process so as to focus their efforts and resources on the protection of the organization's important assets. In this study we propose a framework that automatically and dynamically derives a misuseability score for every IT component (e.g., PC, laptop, server, router, smartphone, and user). The misuseability score encapsulates the potential damage that can be caused to the organization when its assets are compromised and misused. Copyright is held by the owner/author(s).

KW - Insider threat

KW - Misuseability score

KW - Risk analysis

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=84910618640&partnerID=8YFLogxK

U2 - https://doi.org/10.1145/2660267.2662385

DO - https://doi.org/10.1145/2660267.2662385

M3 - Conference contribution

SN - 9781450329576

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 1496

EP - 1498

BT - Proceedings of the ACM Conference on Computer and Communications Security

T2 - 21st ACM Conference on Computer and Communications Security, CCS 2014

Y2 - 3 November 2014 through 7 November 2014

ER -

Misuseablity analysis for IT infrastructure

Abstract

Publication series

Conference

Keywords

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this