A systems analysis of insider data exfiltration : a decentralized framework for disincentivizing and auditing data exfiltration
Author(s)Essilfie-Conduah, Nana,S.M.Massachusetts Institute of Technology.
Massachusetts Institute of Technology. Engineering and Management Program.
System Design and Management Program.
Abel Sanchez and Donna H. Rhodes.
MetadataShow full item record
It has become common place to hear of data breaches. Typically, we hear of external hackers as the perpetrators, however, the reality is there is a high frequency of threats from insiders within an organization and that the cost and challenge in detecting these threats is considerable. The issue has affected companies in multiple private sectors (finance, retail) and the public sector is also at risk as apparent with the Edward Snowden and Chelsea Manning cases. This thesis explores the current space of insider threats in terms of frequency, cost and complexity in attack assessment. It also explores the multiple perspectives and stakeholders that make up the complex insider threat systems. Insights from multiple insider threat cases as well as subject matter experts in cyber security were used to model and pinpoint the high value metrics around access management and logging that will aid audit efforts. Following this an exploration of kill chains, blockchain technology and hierarchical organization exploration is made. Research findings highlight the wide reach of excessive privileges and the crucial role resource access and event logging of stakeholder actions plays in the success of insider threat prevention. In response to this finding a proposal is made for a combined solution that aims to provide an easy and accessible interface for searching and requesting access to resources that scales with an organization. This proposal suggests the capitalization of the transparent and immutable properties of blockchain to ledger the requesting and approval of file access through dynamic and multi user approval logic. The solution combines simplistic file-based resource access in an accessible manner with a multi layered security approach that adds further hurdles for bad actors but provides a visible and reliable look back on an immutable audit path.
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2019Cataloged from PDF version of thesis.Includes bibliographical references (pages 105-110).
DepartmentMassachusetts Institute of Technology. Engineering and Management Program; System Design and Management Program
Massachusetts Institute of Technology
Engineering and Management Program., System Design and Management Program.