A review of insider threat detection approaches with IoT perspective

Aram Kim, Junhyoung Oh, Jinho Ryu, Kyungho Lee

Research output: Contribution to journalArticle

Abstract

Security professionals, government agencies, and corporate organizations have found an inherent need to prevent or mitigate attacks from insider threats. Accordingly, active research on insider threat detection has been conducted to prevent and mitigate adverse effects such as leakage of valuable information that may be caused by insiders. Along with the growth of Internet-of-Things (IoT), new security challenges arise in the existing security frameworks. Attack surfaces are significantly enlarged which could cause a severe risk in terms of company insider threat management. In this work, we provide a generalization of aspects of insider threats with IoT and analyze the surveyed literature based on both private and public sources. We then examine data sources considering IoT environments based on the characteristics and the structure of IoT (perceptual, network, and application layers). The result of reviewing the study shows that using the data source of the network and application layer is more suitable than the perceptual layer in the IoT environment. We also categorized each layer's data sources according to their features, and we investigated research objectives and methods for each category. Finally, the potential for utilization and limitations under the IoT environment are presented at the end of each layer examination.

Original languageEnglish
Article number9078082
Pages (from-to)78847-78867
Number of pages21
JournalIEEE Access
Volume8
DOIs
Publication statusPublished - 2020

Keywords

  • Insider threat detection
  • Internet-of-Things
  • dataset
  • survey

ASJC Scopus subject areas

  • Computer Science(all)
  • Materials Science(all)
  • Engineering(all)

Fingerprint Dive into the research topics of 'A review of insider threat detection approaches with IoT perspective'. Together they form a unique fingerprint.

  • Cite this