Abstract:
New approach of identification of “weak” signs of violations of information security is
suggested. Initial information for identification of “weak” signs of violations of information security by
the insider-malefactor are the observed potential purposes of the insider-malefactor.
Emergence of new valuable information, in which the insider-malefactor is interested, will cause
behavioral reaction of the insider-malefactor in some information spaces. Methods of searching of
such reactions in various information spaces are the purpose of this work.
The probability model of a reaction of an insider-malefactor in case of repeated emergence of
a purpose is constructed. It is shown that usage of many information spaces significantly increases
possibilities of identification of influence of a purpose on behavior of an insider-malefactor.
Keywords:information security, information spaces, behavioral signs of a violator of information security.
Fulltext:
PDF file (160 kB)