Formal Mitigation Strategies for the Insider Threat: A Security Model and Risk Analysis Framework

The advancement of technology and reliance on information systems have fostered an environment of sharing and trust. The rapid growth and dependence on these systems, however, creates an increased risk associated with the insider threat. The insider threat is one of the most challenging problems facing the security of information systems because the insider already has capabilities within the system. Despite research efforts to prevent and detect insiders, organizations remain susceptible to this threat because of inadequate security policies and a willingness of some individuals to betray their organization. To investigate these issues, a formal security model and risk analysis framework are used to systematically analyze this threat and develop effective mitigation strategies. This research extends the Schematic Protection Model to produce the first comprehensive security model capable of analyzing the safety of a system against the insider threat. The model is used to determine vulnerabilities in security policies and system implementation. Through analysis, mitigation strategies that effectively reduce the threat are identified. Furthermore, an action-based taxonomy that expresses the insider threat through measurable and definable actions is presented. A risk analysis framework is also developed that identifies individuals within an organization that display characteristics indicative of a malicious insider. The framework uses a multidisciplinary process by combining behavior and technical attributes to produce a single threat level for each individual within the organization. Statistical analysis using the t-distribution and prediction interval on the threat levels reveal those individuals that are a potential threat to the organization. The effectiveness of the framework is illustrated using the case study of Robert Hanssen, demonstrating the process would likely have identified him as an insider threat

A Multidiscipline Approach to Mitigating the Insider Threat

Preventing and detecting the malicious insider is an inherently difficult problem that expands across many areas of expertise such as social, behavioral and technical disciplines. Unfortunately, current methodologies to combat the insider threat have had limited success primarily because techniques have focused on these areas in isolation. The technology community is searching for technical solutions such as anomaly detection systems, data mining and honeypots. The law enforcement and counterintelligence communities, however, have tended to focus on human behavioral characteristics to identify suspicious activities. These independent methods have limited effectiveness because of the unique dynamics associated with the insider threat. The solution requires a multidisciplinary approach with a clearly defined methodology that attacks the problem in an organized and consistent manner. The purpose of this paper is to present a framework that provides a systematic way to identify the malicious insider and describe a methodology to counter the threat. Our model, the Multidiscipline Approach to Mitigating the Insider Threat (MAMIT), introduces a novel process for addressing this challenge. MAMIT focuses on the collaboration of information from the relative disciplines and uses indicators to produce a consolidated matrix demonstrating the likelihood of an individual being a malicious insider. The well-known espionage case study involving Robert Hanssen is used to illustrate the effectiveness of the framework

Reducing Detailed Vehicle Energy Dynamics to Physics-Like Models

The energy demand of vehicles, particularly in unsteady drive cycles, is affected by complex dynamics internal to the engine and other powertrain components. Yet, in many applications, particularly macroscopic traffic flow modeling and optimization, structurally simple approximations to the complex vehicle dynamics are needed that nevertheless reproduce the correct effective energy behavior. This work presents a systematic model reduction pipeline that starts from complex vehicle models based on the Autonomie software and derives a hierarchy of simplified models that are fast to evaluate, easy to disseminate in open-source frameworks, and compatible with optimization frameworks. The pipeline, based on a virtual chassis dynamometer and subsequent approximation strategies, is reproducible and is applied to six different vehicle classes to produce concrete explicit energy models that represent an average vehicle in each class and leverage the accuracy and validation work of the Autonomie software.Comment: 40 pages, 9 figure

An accurate circuit-based description of retinal ganglion cell computation

https://doi.org/10.1186/1471-2202-16-S1-O

Short‐wave infrared light imaging measures tissue moisture and distinguishes superficial from deep burns

Existing clinical approaches and tools to measure burn tissue destruction are limited resulting in misdiagnosis of injury depth in over 40% of cases. Thus, our objective in this study was to characterize the ability of short‐wave infrared (SWIR) imaging to detect moisture levels as a surrogate for tissue viability with resolution to differentiate between burns of various depths. To accomplish our aim, we constructed an imaging system consisting of a broad‐band Tungsten light source; 1,200‐, 1,650‐, 1,940‐, and 2,250‐nm wavelength filters; and a specialized SWIR camera. We initially used agar slabs to provide a baseline spectrum for SWIR light imaging and demonstrated the differential absorbance at the multiple wavelengths, with 1,940 nm being the highest absorbed wavelength. These spectral bands were then demonstrated to detect levels of moisture in inorganic and in vivo mice models. The multiwavelength SWIR imaging approach was used to diagnose depth of burns using an in vivo porcine burn model. Healthy and injured skin regions were imaged 72 hours after short (20 seconds) and long (60 seconds) burn application, and biopsies were extracted from those regions for histologic analysis. Burn depth analysis based on collagen coagulation histology confirmed the formation of superficial and deep burns. SWIR multispectral reflectance imaging showed enhanced intensity levels in long burned regions, which correlated with histology and distinguished between superficial and deep burns. This SWIR imaging method represents a novel, real‐time method to objectively distinguishing superficial from deep burns.Peer Reviewedhttps://deepblue.lib.umich.edu/bitstream/2027.42/154351/1/wrr12779_am.pdfhttps://deepblue.lib.umich.edu/bitstream/2027.42/154351/2/wrr12779.pd

Coordinating Tissue Regeneration Through Transforming Growth Factorâ β Activated Kinase 1 Inactivation and Reactivation

Aberrant wound healing presents as inappropriate or insufficient tissue formation. Using a model of musculoskeletal injury, we demonstrate that loss of transforming growth factorâ β activated kinase 1 (TAK1) signaling reduces inappropriate tissue formation (heterotopic ossification) through reduced cellular differentiation. Upon identifying increased proliferation with loss of TAK1 signaling, we considered a regenerative approach to address insufficient tissue production through coordinated inactivation of TAK1 to promote cellular proliferation, followed by reactivation to elicit differentiation and extracellular matrix production. Although the current regenerative medicine paradigm is centered on the effects of drug treatment (â drug onâ ), the impact of drug withdrawal (â drug offâ ) implicit in these regimens is unknown. Because current TAK1 inhibitors are unable to phenocopy genetic Tak1 loss, we introduce the dualâ inducible COmbinational Sequential Inversion ENgineering (COSIEN) mouse model. The COSIEN mouse model, which allows us to study the response to targeted drug treatment (â drug onâ ) and subsequent withdrawal (â drug offâ ) through genetic modification, was used here to inactivate and reactivate Tak1 with the purpose of augmenting tissue regeneration in a calvarial defect model. Our study reveals the importance of both the â drug onâ (Creâ mediated inactivation) and â drug offâ (Flpâ mediated reactivation) states during regenerative therapy using a mouse model with broad utility to study targeted therapies for disease. Stem Cells 2019;37:766â 778Manipulating transforming growth factor βâ activated kinase 1 for cell and scaffold free tissue regeneration using a dualâ inducible Combinational Sequential Inversion Engineering mouse model.Peer Reviewedhttps://deepblue.lib.umich.edu/bitstream/2027.42/149573/1/stem2991_am.pdfhttps://deepblue.lib.umich.edu/bitstream/2027.42/149573/2/stem2991.pd

A community-powered search of machine learning strategy space to find NMR property prediction models

The rise of machine learning (ML) has created an explosion in the potential strategies for using data to make scientific predictions. For physical scientists wishing to apply ML strategies to a particular domain, it can be difficult to assess in advance what strategy to adopt within a vast space of possibilities. Here we outline the results of an online community-powered effort to swarm search the space of ML strategies and develop algorithms for predicting atomic-pairwise nuclear magnetic resonance (NMR) properties in molecules. Using an open-source dataset, we worked with Kaggle to design and host a 3-month competition which received 47,800 ML model predictions from 2,700 teams in 84 countries. Within 3 weeks, the Kaggle community produced models with comparable accuracy to our best previously published "in-house" efforts. A meta-ensemble model constructed as a linear combination of the top predictions has a prediction accuracy which exceeds that of any individual model, 7-19x better than our previous state-of-the-art. The results highlight the potential of transformer architectures for predicting quantum mechanical (QM) molecular properties

Traffic Control via Connected and Automated Vehicles: An Open-Road Field Experiment with 100 CAVs

The CIRCLES project aims to reduce instabilities in traffic flow, which are naturally occurring phenomena due to human driving behavior. These "phantom jams" or "stop-and-go waves,"are a significant source of wasted energy. Toward this goal, the CIRCLES project designed a control system referred to as the MegaController by the CIRCLES team, that could be deployed in real traffic. Our field experiment leveraged a heterogeneous fleet of 100 longitudinally-controlled vehicles as Lagrangian traffic actuators, each of which ran a controller with the architecture described in this paper. The MegaController is a hierarchical control architecture, which consists of two main layers. The upper layer is called Speed Planner, and is a centralized optimal control algorithm. It assigns speed targets to the vehicles, conveyed through the LTE cellular network. The lower layer is a control layer, running on each vehicle. It performs local actuation by overriding the stock adaptive cruise controller, using the stock on-board sensors. The Speed Planner ingests live data feeds provided by third parties, as well as data from our own control vehicles, and uses both to perform the speed assignment. The architecture of the speed planner allows for modular use of standard control techniques, such as optimal control, model predictive control, kernel methods and others, including Deep RL, model predictive control and explicit controllers. Depending on the vehicle architecture, all onboard sensing data can be accessed by the local controllers, or only some. Control inputs vary across different automakers, with inputs ranging from torque or acceleration requests for some cars, and electronic selection of ACC set points in others. The proposed architecture allows for the combination of all possible settings proposed above. Most configurations were tested throughout the ramp up to the MegaVandertest