Modeling and verification of insider threats using logical analysis

In this paper we combine formal modeling and analysis of infrastructures of organisations with sociological explanation to provide a framework for insider threat analysis. We use the Higher Order Logic proof assistant Isabelle/HOL to support this framework. In the formal model, we exhibit and use a common trick from the formal verification of security protocols showing that it is applicable to insider threats. We introduce briefly a three step process of social explanation illustrating that it can be applied fruitfully to the characterisation of insider threats. We introduce the Insider theory constructed in Isabelle that implements this process of social explanation. To validate that the social explanation is generally useful for the analysis of insider threats and to demonstrate our framework, we model and verify the insider threat patterns Entitled Independent and Ambitious Leader in our Isabelle/HOL framework

Towards formal analysis of insider threats for auctions

This paper brings together the world of insider threats and auctions. For online-auction systems, like eBay, but also for high-value one-off auction algorithms as they are used for selling radio wave frequencies, the use of rigorous machine supported modelling and verification techniques is meaningful to prove correctness and scrutinize vulnerability to security and privacy attacks. Surveying the threats in auctions and insider collusions, we present an approach to model and analyze auction protocols for insider threats using the interactive theorem prover Isabelle. As a case study, we use the cocaine auction protocol that represents a nice combination of cryptographic techniques, protocols, and privacy goals suitable for highlighting insider threats for auctions

Attack tree analysis for insider threats on the IoT using Isabelle

The Internet-of-Things (IoT) aims at integrating small devices around humans. The threat from human insiders in “regular” organisations is real; in a fully-connected world of the IoT, organisations face a substantially more severe security challenge due to unexpected access possibilities and information flow. In this paper, we seek to illustrate and classify insider threats in relation to the IoT (by ‘smart insiders’), exhibiting attack vectors for their characterisation. To model the attacks we apply a method of formal modelling of Insider Threats in the interactive theorem prover Isabelle. On the classified IoT attack examples, we show how this logical approach can be used to make the models more precise and to analyse the previously identified Insider IoT attacks using Isabelle attack tree

Anisotropic electrical resistivity of LaFeAsO: evidence for electronic nematicity

Single crystals of LaFeAsO were successfully grown out of KI flux. Temperature dependent electrical resistivity was measured with current flow along the basal plane, \rho_perpend(T), as well as with current flow along the crystallographic c-axis, \rho_parallel(T), the latter one utilizing electron beam lithography and argon ion beam milling. The anisotropy ratio was found to lie between \rho_parallel/\rho_perpend = 20 - 200. The measurement of \rho_perpend(T) was performed with current flow along the tetragonal [1 0 0] direction and along the [1 1 0] direction and revealed a clear in-plane anisotropy already at T \leq 175 K. This is significantly above the orthorhombic distortion at T_0 = 147 K and indicates the formation of an electron nematic phase. Magnetic susceptibility and electrical resistivity give evidence for a change of the magnetic structure of the iron atoms from antiferromagnetic to ferromagnetic arrangement along the c-axis at T^\ast = 11 K.Comment: 10 pages, 6 figures, minor change

Insider threats for auctions: formalization, mechanized proof, and code generation

This paper applies machine assisted formal methods to explore insider threats for auctions. Auction systems, like eBay, are an important problem domain for formal analysis because they challenge modelling concepts as well as analysis methods. We use machine assisted formal modelling and proof in Isabelle to demonstrate how security and privacy goals of auction protocols can be formally verified. Applying the costly scrutiny of formal methods is justified for auctions since privacy and trust are prominent issues and auctions are sometimes designed for one-off occasions where high bids are at stake. For example, when radio wave frequencies are on sale, auctions are especially created for just one occasion where fair and consistent behaviour is required. Investigating the threats in auctions and insider collusions, we model and analyze auction protocols for insider threats using the interactive theorem prover Isabelle. We use the existing example of a fictitious cocaine auction protocol from the literature to develop and illustrate our approach. Combining the Isabelle Insider framework with the inductive approach to verifying security protocols in Isabelle, we formalize the cocaine auction protocol, prove that this formal definition excludes sweetheart deals, and also that collusion attacks cannot generally be excluded. The practical implication of the formalization is demonstrated by code generation. Isabelle allows generating code from constructive specifications into the programming language Scala. We provide constructive test functions for cocaine auction traces, prove within Isabelle that these functions conform to the protocol definition, and apply code generation to produce an implementation of the executable test predicate for cocaine auction traces in Scala

A probabilistic analysis framework for malicious insider threats

Malicious insider threats are difficult to detect and to mitigate. Many approaches for explaining behaviour exist, but there is little work to relate them to formal approaches to insider threat detection. In this work we present a general formal framework to perform analysis for malicious insider threats, based on probabilistic modelling, verification, and synthesis techniques. The framework first identifies insiders' intention to perform an inside attack, using Bayesian networks, and in a second phase computes the probability of success for an inside attack by this actor, using probabilistic model checking

The impact of vegetation on fractionation of rare earth elements(REE) during water–rock interaction

Previous studies on waters of a streamlet in the Vosges mountains (eastern France) have shown that Sr and rare earth elements (REE) principally originate from apatite dissolution during weathering. However, stream water REE patterns normalized to apatite are still depleted in light REE (LREE, La–Sm) pointing to the presence of an additional LREE depleting process. Speciation calculations indicate that complexation cannot explain this additional LREE depletion. In contrast, vegetation samples are strongly enriched in LREE compared to water and their Sr and Nd isotopic compositions are comparable with those of apatite and waters. Thus, the preferential LREE uptake by the plants at the root–water–soil (apatite) interface might lead to an additional LREE depletion of the waters in the forested catchment. Mass balance calculations indicate that the yearly LREE uptake by vegetation is comparable with the LREE export by the streamlet and, therefore, might be an important factor controlling the LREE depletion in river waters