498 research outputs found

    Insider Threat Detection on the Windows Operating System using Virtual Machine Introspection

    Existing insider threat defensive technologies focus on monitoring network traffic or events generated by activities on a user's workstation. This research develops a methodology for signaling potentially malicious insider behavior using virtual machine introspection (VMI). VMI provides a novel means to detect potential malicious insiders because the introspection tools remain transparent and inaccessible to the guest and are extremely difficult to subvert. This research develops a four step methodology for development and validation of malicious insider threat alerting using VMI. Six core use cases are developed along with eighteen supporting scenarios. A malicious attacker taxonomy is used to decompose each scenario to aid identification of observables for monitoring for potentially malicious actions. The effectiveness of the identified observables is validated through the use of two data sets, one containing simulated normal and malicious insider user behavior and the second from a computer network operations exercise. Compiled Memory Analysis Tool - Virtual (CMAT-V) and Xen hypervisor capabilities are leveraged to perform VMI and insider threat detection. Results of the research show the developed methodology is effective in detecting all defined malicious insider scenarios used in this research on Windows guests

    The InfoSec Handbook

    Computer scienc

    Global Internet Come into a New DNS Era


    Managerial Strategies Small Businesses Use to Prevent Cybercrime

    Estimated worldwide losses due to cybercrime are approximately $375-575 billion annually, affecting governments, business organizations, economies, and society. With globalization on the rise, even small businesses conduct transactions worldwide through the use of information technology (IT), leaving these small businesses vulnerable to the intrusion of their networks. The purpose of this multiple case study was to explore the managerial strategies of small manufacturing business owners to protect their financial assets, data, and intellectual property from cybercrime. The conceptual framework was systems thinking and action theory. Participants included 4 small manufacturing business owners in the midwestern region of the United States. Data were collected via face-to-face interviews with owners, company documentation, and observations. Member checking was used to help ensure data reliability and validity. Four themes emerged from the data analysis: organizational policies, IT structure, managerial strategies, and assessment and action. Through effective IT security and protocols, proactive managerial strategies, and continuous evaluation of the organization's system, the small business owner can sustain the business and protect it against potential cyberattacks on the organization's network. The findings of the study have implications for positive social change by informing managers regarding (a) the elimination or reduction of cybercrimes, (b) the protection of customers' information, and (c) the prevention of future breaches by implementing effective managerial strategies to protect individuals in society

    Developing an Information Security Program (ISP) for the Town of Nantucket

    This Interactive Qualifying Project report to the Information Technology Department of the Town of Nantucket, discusses the importance of developing an Information Security Program (ISP) for town departments. The report details the history of information security risks, actions taken in response, and a thorough analysis of information security procedures. Our group utilized electronic surveys and interviews to gather feedback regarding the opinions of town employees on the security of information within the town departments and what specifics must be included within the ISP. The final product for this project provides a framework for a comprehensive security policy, and our findings create a detailed guide that will aid with the finalization and implementation of the ISP

    ACUTA Journal of Telecommunications in Higher Education

    In This Issue Technology Advances: The View from 10,000 Feet WAP: Are You Ready for a Wireless World? Virtual Private Networks: How They Can Work for Colleges and Universities Network Security: How's Your Posture? Software for Rent: Contact ASP Voicing My IPinion Institutional Excellence Award: Colorado Christian University Columns Interview Book Revie