Special Issue "Insider Attacks"

A special issue of Information (ISSN 2078-2489). This special issue belongs to the section "Information Systems".

Deadline for manuscript submissions: closed (30 June 2019).

Special Issue Editor

Dr. Santosh Aditham
Website
Guest Editor
Lead Machine Learning Engineer, Macy's, San Francisco, CA 94102, USA
Interests: data security; machine learning; NLP; distributed systems

Special Issue Information

Dear Colleagues,

Traditionally, the word “security” in the technology industry was synonymous with addressing threats and attacks that originate externally. However, we are noticing the rise in concerns about threats that originate internally, due to factors such as abuse of privilege, naivety, carelessness and ill intent. Such threats are known as insider attacks and they damage assets, reputation and finances of individuals, enterprises and organizations. There is a need to address this problem of growing security threats from insiders. As a result, it is our goal to explore the state-of-the-art research dealing with new surveys, policies, tools, techniques, concepts, and applications concerning the detection, mitigation and prevention of insider attacks.

The goal of this Special Issue is to collect high-quality contributions to address the security concerns related to insider attacks. Topics of interest include, but are not limited to the ones listed below:

  • Theoretical proofs to address insider attacks
  • Insider threat modeling and attack vectors
  • Implications of insider threats
  • Policies and regulations to prevent insider attacks
  • Authentication and authorization techniques to address insider attacks
  • Behavioral analytics and fraud detection
  • Data governance and differential privacy
  • Network access control systems
  • Intrusion detection systems
  • Insider attack recovery mechanisms
  • Insider threats and attack datasets
  • Insider attack prevention and detection for large scale distributed systems
  • Future challenges for enterprises and organizations regarding insider threats

Dr. Santosh Aditham
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Information is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • security
  • insider attacks
  • vulnerabilities and threats

Published Papers (2 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Open AccessArticle
What Message Characteristics Make Social Engineering Successful on Facebook: The Role of Central Route, Peripheral Route, and Perceived Risk
Information 2019, 10(6), 211; https://doi.org/10.3390/info10060211 - 13 Jun 2019
Abstract
Past research suggests that the human ability to detect social engineering deception is very limited, and it is even more limited in the virtual environment of social networking sites (SNS) such as Facebook. At the organizational level, research suggests that social engineers could [...] Read more.
Past research suggests that the human ability to detect social engineering deception is very limited, and it is even more limited in the virtual environment of social networking sites (SNS) such as Facebook. At the organizational level, research suggests that social engineers could succeed even among those organizations that identify themselves as being aware of social engineering techniques. This may be partly due to the complexity of human behaviors in failing to recognize social engineering tricks in SNSs. Due to the vital role that persuasion and perception play on users’ decision to accept or reject social engineering tricks, this paper aims to investigate the impact of message characteristics on users’ susceptibility to social engineering victimization on Facebook. In doing so, we investigate the role of the central route of persuasion, peripheral route of persuasion, and perceived risk on susceptibility to social engineering on Facebook. In addition, we investigate the mediation effects between the explored factors, and whether there is any relationship between the effectiveness of them and users’ demographics. Full article
(This article belongs to the Special Issue Insider Attacks)
Show Figures

Figure 1

Open AccessArticle
SDN-Based Intrusion Detection System for Early Detection and Mitigation of DDoS Attacks
Information 2019, 10(3), 106; https://doi.org/10.3390/info10030106 - 08 Mar 2019
Cited by 15
Abstract
The current paper addresses relevant network security vulnerabilities introduced by network devices within the emerging paradigm of Internet of Things (IoT) as well as the urgent need to mitigate the negative effects of some types of Distributed Denial of Service (DDoS) attacks that [...] Read more.
The current paper addresses relevant network security vulnerabilities introduced by network devices within the emerging paradigm of Internet of Things (IoT) as well as the urgent need to mitigate the negative effects of some types of Distributed Denial of Service (DDoS) attacks that try to explore those security weaknesses. We design and implement a Software-Defined Intrusion Detection System (IDS) that reactively impairs the attacks at its origin, ensuring the “normal operation” of the network infrastructure. Our proposal includes an IDS that automatically detects several DDoS attacks, and then as an attack is detected, it notifies a Software Defined Networking (SDN) controller. The current proposal also downloads some convenient traffic forwarding decisions from the SDN controller to network devices. The evaluation results suggest that our proposal timely detects several types of cyber-attacks based on DDoS, mitigates their negative impacts on the network performance, and ensures the correct data delivery of normal traffic. Our work sheds light on the programming relevance over an abstracted view of the network infrastructure to timely detect a Botnet exploitation, mitigate malicious traffic at its source, and protect benign traffic. Full article
(This article belongs to the Special Issue Insider Attacks)
Show Figures

Figure 1

Back to TopTop