| Ever since the proliferation of data and the digitalization of information, information security has become one of the principle research areas in the computation field. The overall goals of information security are to ensure the confidentiality, integrity and availability of the data in the system. In addition to the common outsider attacks, insider attacks are often bypassed or inadequately checked by the security mechanisms because insiders are the authorized users who perform their daily work in the information system. To address the problem of dynamic insider attacks, this thesis discusses the relations among the system components that can be exploited. Then, advance filtering and checking techniques are developed on top of existing and well known mechanisms, such as access control. Insider collaboration attack is a more dangerous form of insider threat with the participation of multiple insiders. A counter strategy and two theoretical protection models are introduced in this thesis to deal with the problem. Finally, additional research has been performed to investigate the relationship among users. The User Affinity Matrix measures the energy-bond among users and calculates the likelihood that a group of users would participate in a collaboration attack. Performance analysis of User Affinity Matrix is presented via a simulation that shows the effectiveness of the technique. |
