A systems analysis of insider data exfiltration : a decentralized framework for disincentivizing and auditing data exfiltration
Author(s)
Essilfie-Conduah, Nana, S.M. Massachusetts Institute of Technology.
Other Contributors
Massachusetts Institute of Technology. Engineering and Management Program.
System Design and Management Program.
Advisor
Abel Sanchez and Donna H. Rhodes.
Abstract
It has become commonplace to hear of data breaches. Typically, we hear of external hackers as the perpetrators; however, the reality is that there is a high frequency of threats from insiders within an organization and that the cost and challenge in detecting these threats are considerable. The issue has affected companies in multiple private sectors (finance, retail), and the public sector is also at risk, as is apparent from the Edward Snowden and Chelsea Manning cases. This thesis explores the current space of insider threats in terms of frequency, cost and complexity in attack assessment. It also explores the multiple perspectives and stakeholders that make up the complex insider threat systems. Insights from multiple insider threat cases as well as subject matter experts in cyber security were used to model and pinpoint the high-value metrics around access management and logging that will aid audit efforts. Following this, an exploration of kill chains, blockchain technology and hierarchical organization is made. Research findings highlight the wide reach of excessive privileges and the crucial role that resource access and event logging of stakeholder actions play in the success of insider threat prevention. In response to this finding, a proposal is made for a combined solution that aims to provide an easy and accessible interface for searching and requesting access to resources that scales with an organization. This proposal suggests capitalizing on the transparent and immutable properties of blockchain to ledger the requesting and approval of file access through dynamic and multi-user approval logic. The solution combines simplistic file-based resource access in an accessible manner with a multi-layered security approach that adds further hurdles for bad actors but provides a visible and reliable look back on an immutable audit path.
Description
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2019. Cataloged from PDF version of thesis. Includes bibliographical references (pages 105-110).
Date issued
2019
Department
Massachusetts Institute of Technology. Engineering and Management Program
Publisher
Massachusetts Institute of Technology
Keywords
Engineering and Management Program., System Design and Management Program.