Research Article

Insider Threats in Air-Gapped Networks: A Security Perspective

by Ashwini Kumar Verma, Sanjay Kumar Sharma
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 186 - Number 58
Year of Publication: 2024
DOI: 10.5120/ijca2024924338

Ashwini Kumar Verma, Sanjay Kumar Sharma. Insider Threats in Air-Gapped Networks: A Security Perspective. International Journal of Computer Applications. 186, 58 (Dec 2024), 16-20. DOI=10.5120/ijca2024924338

@article{ 10.5120/ijca2024924338,
author = { Ashwini Kumar Verma, Sanjay Kumar Sharma },
title = { Insider Threats in Air-Gapped Networks: A Security Perspective },
journal = { International Journal of Computer Applications },
issue_date = { Dec 2024 },
volume = { 186 },
number = { 58 },
month = { Dec },
year = { 2024 },
issn = { 0975-8887 },
pages = { 16-20 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume186/number58/insider-threats-in-air-gapped-networks-a-security-perspective/ },
doi = { 10.5120/ijca2024924338 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-12-27T02:46:14.164717+05:30
%A Ashwini Kumar Verma
%A Sanjay Kumar Sharma
%T Insider Threats in Air-Gapped Networks: A Security Perspective
%J International Journal of Computer Applications
%@ 0975-8887
%V 186
%N 58
%P 16-20
%D 2024
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Mitigating the risks posed by insiders with legitimate access is a complex challenge in cybersecurity. Even with cutting-edge security policies in place, malevolent insiders remain a significant threat to businesses because of their comprehensive awareness of organizational assets and processes, which may include exploitable vulnerabilities. This threat is particularly concerning for air-gapped networks, which are frequently used by security-sensitive entities such as the military, critical infrastructure, finance, and research and development institutions. Although these networks are difficult to hack from the outside, they are highly susceptible to insider attacks. Existing insider threat taxonomies for general computer networks do not account for the unique risks associated with malicious insiders in air-gapped networks. As a result, the authors have developed a new taxonomy that focuses on the actions taken by trusted individuals. Our research involved identifying the shortcomings of current taxonomies and mapping real-world instances of insider threats to our proposed taxonomy. Our findings suggest that successful exploits in air-gapped networks require both physical and cyber-world components.

Index Terms

Computer Science
Information Sciences
Computer Science
Network Security
Isolated Networks

Keywords

Air-gapped Network, Cyber Security, Insider Attack