A Multi-Perspectives Insider Threats Detection and Control Framework Towards Protecting National Critical Information Infrastructure A Revision of Old Proposal - Augmenting the PDCA (Plan-Do-Act- Check) Approach in Protecting Critical Infrastructure Against Insider Threats
Research Domain: Information and Communication Technology
Sub Domain: Information System
PROF TS. DR. RABIAH BINTI AHMAD
Professor
Universiti Teknikal Malaysia Melaka
Faculty of Information and Communication Technology
rabiah@utem.edu.my
| NO |
NAME |
INSTITUTION |
FACULTY/SCHOOL/ CENTRE/UNIT |
| 1 |
Zahri Bin Yunos |
|
|
| 2 |
Syarulnaziah Binti Anawar |
UTEM |
Faculty of Information and Communication Technology |
| 3 |
Siti Rahayu Selamat |
UTEM |
Faculty of Information and Communication Technology |
| 4 |
S.M.Warusia Mohamed Bin S.M.M Yassin |
UTEM |
Faculty of Information and Communication Technology |
| 5 |
Aslinda Hassan |
UTEM |
Faculty of Information and Communication Technology |
| 6 |
Mohd Faizal Abdollah |
UTEM |
Faculty of Information and Communication Technology |
3 years (1 Dec 2016 - 30 November 2019)
The security threats concern all the components of the current computing infrastructure world. One of these threats is the insider threat. The insider threats problem is considered as one of the difficult problems to detect in cyber security. The detection of the Insider threat is becoming a very complex and difficult task. This project introduces a new concept in understanding insider threats from technical perspectives. The study explores attack model created by authorized attacker via illegal activities. By conducting a systematic literature review and survey with expert system, the study is able to produce misuse and anomaly detection model for insider attacker. The model then used to develop hybrid detection system. In addition, the project explores new matrix model for role mining which will be used as mechanism to new access control in any manufacturing system. The project able to design un-verified detection framework for Insider Attack that workable for Industry Control System used in Car Manufacturing Industry. The development of detection system has been completed and tested on public and real manufacturing dataset.
The ultimate goal of this project is to produce an effective security measure framework which consists of smart security governance. Thus, to achieve this goal, FOUR (4) objectives need to be accomplished and the Objectives are
- To identify component of authorized signature attacks.
- To develop conceptual detection framework for insider attack.
- To Verify and validate proposed framework.
- To recommend countermeasure for detected attack.
-
Intellectual Property Copyright :
- Publication
- 9 indexed journal
-
Collaboration :
- A Hybrid Insider threat detection system by integrating misuse and anomaly detection in manufacturing systems
- Proton Tanjung Malim Sdn Bhd
The study supports government initiative as highlighted in National Cyber Security Policy which is Protection of Critical Infrastructure.�In addition to that, this study will provide useful information to National Security Council in protecting country assets from an insider attack.�The study may also provide useful information to dedicated industry in securing their business.
