Misuseablity analysis for IT infrastructure

To read the full-text of this research, you can request a copy directly from the authors.


Today, organizations have limited resources available to allocate to the detection of complex cyber-attacks. In order to optimize their resource allocation, organizations must conduct a thorough risk analysis process so as to focus their efforts and resources on the protection of the organization's important assets. In this study we propose a framework that automatically and dynamically derives a misuseability score for every IT component (e.g., PC, laptop, server, router, smartphone, and user). The misuseability score encapsulates the potential damage that can be caused to the organization when its assets are compromised and misused.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

ResearchGate has not been able to resolve any citations for this publication.
Full-text available
Detecting and preventing data leakage and data misuse poses a serious challenge for organizations, especially when dealing with insiders with legitimate permissions to access the organization's systems and its critical data. In this paper, we present a new concept, Misuseability Weight, for estimating the risk emanating from data exposed to insiders. This concept focuses on assigning a score that represents the sensitivity level of the data exposed to the user and by that predicts the ability of the user to maliciously exploit this data. Then, we propose a new measure, the M-score, which assigns a misuseability weight to tabular data, discuss some of its properties, and demonstrate its usefulness in several leakage scenarios. One of the main challenges in applying the M-score measure is in acquiring the required knowledge from a domain expert. Therefore, we present and evaluate two approaches toward eliciting misuseability conceptions from the domain expert.
In recent years, data leakage prevention solutions became an inherent component of the organizations' security suite. These solutions focus mainly on the data and its sensitivity level, and on preventing it from reaching an unauthorized entity. They ignore, however, the fact that an insider is gradually exposed to more and more sensitive data to which she is authorized to access. Such data may cause great damage to the organization when leaked or misused. In this research, we propose an extension to the misuseability weight concept. Our main goal is to define a misuseability measure called TM-Score for textual data. Using this measure, the organization can estimate the extent of damage that can be caused by an insider that is continuously and gradually exposed to textual content (e.g., documents and emails). The extent of damage is determined by the amount, type, and quality of information to which the insider was exposed. We present a two-step method for the continuous assignment of a misuseability score to a set of documents and evaluate the proposed method using the Enron email data set.