Abstract
Insider threats expose the cyber world to data breaches and system compromise because the insider has legitimate access to information about critical assets. Furthermore, such threats go unnoticed, and no one is able to foresee what, when and how trusted insiders with authority will launch threats against an organization. Due to this, the research community lacks a theoretical view that can be used as a reference to categorize the factors, and specifically the features, that can contribute to insider threats in manufacturing execution systems (MES). Therefore, a theoretical view to categorize the factors and features that represent the behavior of insider threats in MES is proposed, based on a literature survey. These threats can be grouped into three major factors, i.e. human, systems and machine, and the possible features that contribute to each factor are identified based on previous researchers' recommendations. To facilitate understanding, a real scenario from an automation execution system in the manufacturing sector is chosen as a case study. Each factor and every related feature is identified and grouped, and the facts are highlighted. Hence, a theoretical framework for MES can be derived and serve as a standard guideline to mitigate insider threats in the manufacturing field.
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Yassin, W.M., Ahmad, R., Mohammad, N.A.N. (2020). An Insider Threat Factors and Features Categorization for Manufacturing Execution System. In: Zakaria, Z., Ahmad, R. (eds) Advances in Electronics Engineering. Lecture Notes in Electrical Engineering, vol 619. Springer, Singapore. https://doi.org/10.1007/978-981-15-1289-6_30
DOI: https://doi.org/10.1007/978-981-15-1289-6_30
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-1288-9
Online ISBN: 978-981-15-1289-6
eBook Packages: Engineering, Engineering (R0)