Bio-inspired approach to thwart against insider threats: An access control policy regulation framework

Abstract

With the ever increasing number of insider attacks (data breaches) and security incidents it is evident that the traditional manual and standalone access control models for cyber-security are unable to defend complex and large organizations. The new access control models must focus on auto-resiliency, integration and fast response-time to timely react against insider attacks. To meet these objectives, even after decades of development of cyber-security systems, there still exist inherent limitations (i.e., understanding of behavioral anomalies) in current cyber-security architecture that allow adversaries to not only plan and launch attacks effectively but also learn and evade detection easily. In this research we propose a bio-inspired integrated access control policy regulation framework which not only allows us to understand anomalous behavior of an insider but also provides theoretical background to link behavioral anomalies to the access control regulation. To demonstrate the effectiveness of our proposed framework we use real-life threat dataset for the evaluation purposes.