{"id":"https://openalex.org/W1545244165","doi":"https://doi.org/10.1007/978-0-387-73742-3_4","title":"Insider Threat Analysis Using Information-Centric Modeling","display_name":"Insider Threat Analysis Using Information-Centric Modeling","publication_year":2007,"publication_date":"2007-11-13","ids":{"openalex":"https://openalex.org/W1545244165","doi":"https://doi.org/10.1007/978-0-387-73742-3_4","mag":"1545244165"},"language":"en","primary_location":{"id":"doi:10.1007/978-0-387-73742-3_4","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-0-387-73742-3_4","pdf_url":"https://link.springer.com/content/pdf/10.1007%2F978-0-387-73742-3_4.pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP \u2014 The International Federation for Information Processing","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://link.springer.com/content/pdf/10.1007%2F978-0-387-73742-3_4.pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5041525219","display_name":"Duc T. Ha","orcid":"https://orcid.org/0000-0001-5083-938X"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"D. Ha","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5067144627","display_name":"S. Upadhyaya","orcid":null},"institutions":[{"id":"https://openalex.org/I63190737","display_name":"University at Buffalo, State University of New York","ror":"https://ror.org/01y64my43","country_code":"US","type":"education","lineage":["https://openalex.org/I63190737"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"S. Upadhyaya","raw_affiliation_strings":["Computer Science and Engineering, University at Buffalo, Buffalo","University at buffalo"],"affiliations":[{"raw_affiliation_string":"Computer Science and Engineering, University at Buffalo, Buffalo","institution_ids":["https://openalex.org/I63190737"]},{"raw_affiliation_string":"University at buffalo","institution_ids":["https://openalex.org/I63190737"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5062573204","display_name":"Hung Q. Ngo","orcid":"https://orcid.org/0000-0001-8246-8392"},"institutions":[{"id":"https://openalex.org/I63190737","display_name":"University at Buffalo, State University of New York","ror":"https://ror.org/01y64my43","country_code":"US","type":"education","lineage":["https://openalex.org/I63190737"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"H. Ngo","raw_affiliation_strings":["Computer Science and Engineering, University at Buffalo, Buffalo","University at buffalo"],"affiliations":[{"raw_affiliation_string":"Computer Science and Engineering, University at Buffalo, Buffalo","institution_ids":["https://openalex.org/I63190737"]},{"raw_affiliation_string":"University at buffalo","institution_ids":["https://openalex.org/I63190737"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5113681447","display_name":"S. Pramanik","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"S. Pramanik","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5035584553","display_name":"R. Chinchani","orcid":null},"institutions":[{"id":"https://openalex.org/I135428043","display_name":"Cisco Systems (United States)","ror":"https://ror.org/03yt1ez60","country_code":"US","type":"company","lineage":["https://openalex.org/I135428043"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"R. Chinchani","raw_affiliation_strings":["Cisco Systems, San Jose","Cisco Systems"],"affiliations":[{"raw_affiliation_string":"Cisco Systems, San Jose","institution_ids":["https://openalex.org/I135428043"]},{"raw_affiliation_string":"Cisco Systems","institution_ids":["https://openalex.org/I135428043"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5073439530","display_name":"S. Mathew","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"S. Mathew","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5041525219"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":3.7182,"has_fulltext":true,"cited_by_count":26,"citation_normalized_percentile":{"value":0.9372722,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"55","last_page":"73"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/insider","display_name":"Insider","score":0.8593550324440002},{"id":"https://openalex.org/keywords/insider-threat","display_name":"Insider threat","score":0.8163823485374451},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7115029096603394},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6590531468391418},{"id":"https://openalex.org/keywords/intelligence-analysis","display_name":"Intelligence analysis","score":0.47809717059135437},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.47186630964279175},{"id":"https://openalex.org/keywords/graphics","display_name":"Graphics","score":0.42882102727890015},{"id":"https://openalex.org/keywords/threat-model","display_name":"Threat model","score":0.4159194827079773}],"concepts":[{"id":"https://openalex.org/C2778971194","wikidata":"https://www.wikidata.org/wiki/Q1664551","display_name":"Insider","level":2,"score":0.8593550324440002},{"id":"https://openalex.org/C2776633304","wikidata":"https://www.wikidata.org/wiki/Q6038026","display_name":"Insider threat","level":3,"score":0.8163823485374451},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7115029096603394},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6590531468391418},{"id":"https://openalex.org/C517642484","wikidata":"https://www.wikidata.org/wiki/Q2388514","display_name":"Intelligence analysis","level":2,"score":0.47809717059135437},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.47186630964279175},{"id":"https://openalex.org/C21442007","wikidata":"https://www.wikidata.org/wiki/Q1027879","display_name":"Graphics","level":2,"score":0.42882102727890015},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.4159194827079773},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C121684516","wikidata":"https://www.wikidata.org/wiki/Q7600677","display_name":"Computer graphics (images)","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/978-0-387-73742-3_4","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-0-387-73742-3_4","pdf_url":"https://link.springer.com/content/pdf/10.1007%2F978-0-387-73742-3_4.pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP \u2014 The International Federation for Information Processing","raw_type":"book-chapter"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.129.9736","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.129.9736","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cse.buffalo.edu/~shambhu/documents/pdf/ifip-chapter-2007.pdf","raw_type":"text"}],"best_oa_location":{"id":"doi:10.1007/978-0-387-73742-3_4","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-0-387-73742-3_4","pdf_url":"https://link.springer.com/content/pdf/10.1007%2F978-0-387-73742-3_4.pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP \u2014 The International Federation for Information Processing","raw_type":"book-chapter"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.7599999904632568}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W1545244165.pdf","grobid_xml":"https://content.openalex.org/works/W1545244165.grobid-xml"},"referenced_works_count":16,"referenced_works":["https://openalex.org/W1746680969","https://openalex.org/W1986538507","https://openalex.org/W2005811057","https://openalex.org/W2024586985","https://openalex.org/W2045414949","https://openalex.org/W2054127354","https://openalex.org/W2083658929","https://openalex.org/W2117694832","https://openalex.org/W2121805588","https://openalex.org/W2141867896","https://openalex.org/W2146024157","https://openalex.org/W2155542779","https://openalex.org/W2161754059","https://openalex.org/W2361317469","https://openalex.org/W3118517595","https://openalex.org/W6600715805"],"related_works":["https://openalex.org/W2766781562","https://openalex.org/W4205304595","https://openalex.org/W2979782961","https://openalex.org/W308359497","https://openalex.org/W1499596878","https://openalex.org/W3136170567","https://openalex.org/W2947769183","https://openalex.org/W2018332730","https://openalex.org/W4387194049","https://openalex.org/W2286217954"],"abstract_inverted_index":{"Capability":[0],"acquisition":[1],"graphs":[2],"(CAGs)":[3],"provide":[4],"a":[5],"powerful":[6],"framework":[7],"for":[8,91],"modeling":[9,20],"insider":[10,38],"threats,":[11],"network":[12,82],"attacks":[13],"and":[14,47,73,94],"system":[15],"vulnerabilities.":[16],"However,":[17],"CAG-based":[18],"security":[19,69],"systems":[21],"have":[22],"yet":[23],"to":[24,37,64,67,80],"be":[25],"deployed":[26],"in":[27],"practice.":[28],"This":[29,84],"paper":[30],"demonstrates":[31],"the":[32,45,87],"feasibility":[33],"of":[34,49],"applying":[35],"CAGs":[36,66],"threat":[39],"analysis.":[40],"In":[41],"particular,":[42],"it":[43],"describes":[44],"design":[46],"operation":[48],"an":[50,58],"information-centric,":[51],"graphics-oriented":[52],"tool":[53,88],"called":[54],"ICMAP.":[55],"ICMAP":[56],"enables":[57],"analyst":[59],"without":[60],"any":[61],"theoretical":[62],"background":[63],"apply":[65],"answer":[68],"questions":[70],"about":[71],"vulnerabilities":[72],"likely":[74],"attack":[75,92],"scenarios,":[76],"as":[77,79],"well":[78],"monitor":[81],"nodes.":[83],"functionality":[85],"makes":[86],"very":[89],"useful":[90],"attribution":[93],"forensics.":[95]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":2},{"year":2016,"cited_by_count":2},{"year":2014,"cited_by_count":2},{"year":2012,"cited_by_count":3}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}