Pervasive Monitoring as an Insider Threat

An Adapted Model
  • Dana Polatin-ReubenEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9190)


Revelations that the United States’ National Security Agency implemented a global surveillance programme with the help of its allies have drawn increased attention to pervasive monitoring activities in general. With the Internet Engineering Task Force characterising pervasive monitoring as an advanced persistent threat, the possibility of modelling pervasive monitoring as a threat activity has been raised. This paper proposes that pervasive monitoring can be considered an insider threat, with private or state actors using legitimate network functions and credentials to exfiltrate the data of governments, corporations, and end-users. The insider threat model put forth by Nurse et al. is examined and adapted with the help of pervasive monitoring case studies.


Pervasive monitoring Insider threat Threat framework Surveillance 



The Nurse et al. model was adapted with the permission of the authors of the original model.


  1. 1.
    Farrel, S., Tschofenig, H.: Pervasive Monitoring is an Attack, (RFC 7258) Internet Engineering Task Force, May 2014. (2014). Accessed 18 Feb 2015
  2. 2.
    Hasan, R., Myagmar, S., Lee, A.J., Yurcik, W.: Toward a threat model for storage systems. In: Proceedings of the 2005 ACM Workshop on Storage Security and Survivability, pp. 94–102. ACM, New York (2005)Google Scholar
  3. 3.
    Johansson, J.M.: Network threat modeling. In: Proceedings of the Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises. IEEE, New York, 9–11 June 2003Google Scholar
  4. 4.
    Cappelli, D., Moore, A., Trzeciak, R.: The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud). Pearson Education Inc, New Jersey (2012)Google Scholar
  5. 5.
    Nurse, J.R.C., Buckley, O., Legg, P.A., Goldsmith, M., Creese, S., Wright, G.R.T., Whitty, M.: Understanding insider threat: a framework for characterising attacks. In: Workshop on Research for Insider Threat (WRIT), in Conjunction with the IEEE Symposium on Security and Privacy (SP). IEEE, New York, 18 May 2014Google Scholar
  6. 6.
    Marcus, B., Schuler, H.: Antecedents of counterproductive behavior at work: a general perspective. J. Appl. Psychol. 89(4), 647–660 (2004)CrossRefGoogle Scholar
  7. 7.
    Wiggins, J.S.: The Five Factor Model of Personality: Theoretical Perspectives. Guildford Press, New York (1996)zbMATHGoogle Scholar
  8. 8.
    Paulhus, D.L., Williams, K.M.: The dark triad of personality: Narcissism, Machiavellianism, and psychopathy. J. Res. Pers. 36(6), 556–563 (2002)CrossRefGoogle Scholar
  9. 9.
    Schneier, B.: Attack trees. Dr. Dobbs J. 24(12), 21–29 (1999)Google Scholar
  10. 10.
    Hutchins, E.M., Cloppert, M.J., Amin, R.M.: Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Leading Issues Inf. Warfare Secur. Res. 1(1), 80 (2011)Google Scholar
  11. 11.
    ARMA International: Generally Accepted Recordkeeping Principles®. (2012). Accessed 18 Feb 2015
  12. 12.
    The World Bank: Worldwide Governance Indicators. (2014). Accessed 18 Feb 2015
  13. 13.
    Ball, J., Borger, J., Greenwald, G.: Revealed: How US and UK Spy Agencies Defeat Internet Privacy and Security, The Guardian. (2013). Accessed 18 Feb 2015
  14. 14.
    Risen, J., Lichtblau, E.: Bush Lets U.S. Spy on Callers Without Courts, The New York Times, 16 December 2005. (2005). Accessed 18 Feb 2015
  15. 15.
    Cauley, L.: NSA has Massive Database of Americans’ Phone Calls, USA Today, 11 May 2006. (2006). Accessed 18 Feb 2015
  16. 16.
    National Security Agency/Central Security Service: Transition 2001, December 2000. (2000). Accessed 18 Feb 2015
  17. 17.
    Greenwald, G., MacAskill, E.: NSA Prism Program Taps in to User Data of Apple, Google and Others, The Guardian, 7 June 2013. (2013). Accessed 18 Feb 2015
  18. 18.
    MacAskill, E., Borger, J., Hopkins, N., Davies, N., Ball, J.: GCHQ Taps Fibre-Optic Cables for Secret Access to World’s Communications, The Guardian, 21 June 2013. (2013). Accessed 18 Feb 2015
  19. 19.
    Rosenblatt, J.: Google Fights E-Mail Privacy Group Suit it Calls Too Big, Bloomberg Business, 28 February 2014. (2014). Accessed 18 Feb 2015
  20. 20.
    Google Inc.: Google Terms of Service (archive), 14 April 2014. (2014). Accessed 18 Feb 2015
  21. 21.
    Devereaux, R., Greenwald, G., Poitras, L.: Data Pirates of the Caribbean: The NSA Is Recording Every Cell Phone Call in the Bahamas, The Intercept, 19 May 2014. (2014). Accessed 18 Feb 2015
  22. 22.
    Assange, J.: WikiLeaks Statement on the Mass Recording of Afghan Telephone Calls by the NSA, WikiLeaks, 23 May 2014. (2014). Accessed 18 Feb 2015
  23. 23.
    Soldatov, A., Borogan, I.: Russia’s Surveillance State, World Policy Journal, Fall 2013. (2013). Accessed 18 Feb 2015
  24. 24.
    Walton, G.: China’s Golden Shield: Corporations and the Development of Surveillance Technology in the People’s Republic of China. International Centre for Human Rights and Democratic Development, Montreal (2001)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.Centre for Doctoral Training in Cyber SecurityUniversity of OxfordOxfordUK

Personalised recommendations