Reachability-based impact as a measure for insiderness

Christian W. Probst, René Rydhof Hansen

Research output: Contribution to journalJournal articleResearchpeer-review

79 Downloads (Pure)


Insider threats pose a difficult problem for many organisations. While organisations in principle would like to judge the risk posed by a specific insider threat, this is in general not possible. This limitation is caused partly by the lack of models for human behaviour, partly by restrictions on how much and what may be monitored, and by our inability to identify relevant features in large amounts of logged data. To overcome this, the notion of insiderness has been proposed, which measures the degree of access an actor has to a certain resource. We extend this notion with the concept of impact of an insider, and present different realisations of impact. The suggested approach results in readily usable techniques that allow to get a quick overview of potential insider threats based on locations and assets reachable by employees. We present several variations ranging from pure reachability to potential damage to assets causable by an insider.
Original languageEnglish
JournalJournal of Wireless Mobile Networks, Ubiquitous Computing and Dependable Applications
Issue number4
Pages (from-to)38-48
Publication statusPublished - 2013


  • Insider threats
  • Insiderness
  • System models


Dive into the research topics of 'Reachability-based impact as a measure for insiderness'. Together they form a unique fingerprint.

Cite this