This study examined the relationship between leader-employee calling congruence on employees’voice behaviour.Participants were 173 leader-employee dyads from the Chinese service industry.They completed online surveys...This study examined the relationship between leader-employee calling congruence on employees’voice behaviour.Participants were 173 leader-employee dyads from the Chinese service industry.They completed online surveys on calling,perceived insider status,and voice behaviour.Results from polynomial regression and response surface analysis showed that employees perceived insider status to be weaker with the low leader-low subordinate calling congruence,and stronger with high leader and high subordinate calling congruence.Employees perceived insider status is stronger in low leader and high subordinate calling incongruence compared with high leader and low subordinate calling incongruence.Perceived insider status plays a mediating role among calling congruence and voice behaviour.This study’sfindings suggest pathways of calling congruence on voice behaviour,which are important for promoting employee voice behaviour and guiding organisational recruitment in the workplace.展开更多
A model of continuous-time insider trading in which a risk-neutral in-sider possesses two imperfect correlated signals of a risky asset is studied.By conditional expectation theory and filtering theory,we first establ...A model of continuous-time insider trading in which a risk-neutral in-sider possesses two imperfect correlated signals of a risky asset is studied.By conditional expectation theory and filtering theory,we first establish three lemmas:normal corre-lation,equivalent pricing and equivalent profit,which can guarantee to turn our model into a model with insider knowing full information.Then we investigate the impact of the two correlated signals on the market equilibrium consisting of optimal insider trading strategy and semi-strong pricing rule.It shows that in the equilibrium,(1)the market depth is constant over time;(2)if the two noisy signals are not linerly correlated,then all private information of the insider is incorporated into prices in the end while the whole information on the asset value can not incorporated into prices in the end;(3)if the two noisy signals are linear correlated such that the insider can infer the whole information of the asset value,then our model turns into a model with insider knowing full information;(4)if the two noisy signals are the same then the total ex ant profit of the insider is increasing with the noise decreasing,while down to O as the noise going up to infinity;(5)if the two noisy signals are not linear correlated then with one noisy signal fixed,the total ex ante profit of the insider is single-peaked with a unique minimum with respect to the other noisy signal value,and furthermore as the noisy value going to O it gets its maximum,the profit in the case that the real value is observed.展开更多
In the tobacco industry,insider employee attack is a thorny problem that is difficult to detect.To solve this issue,this paper proposes an insider threat detection method based on heterogeneous graph embedding.First,t...In the tobacco industry,insider employee attack is a thorny problem that is difficult to detect.To solve this issue,this paper proposes an insider threat detection method based on heterogeneous graph embedding.First,the interrelationships between logs are fully considered,and log entries are converted into heterogeneous graphs based on these relationships.Second,the heterogeneous graph embedding is adopted and each log entry is represented as a low-dimensional feature vector.Then,normal logs and malicious logs are classified into different clusters by clustering algorithm to identify malicious logs.Finally,the effectiveness and superiority of the method is verified through experiments on the CERT dataset.The experimental results show that this method has better performance compared to some baseline methods.展开更多
The Unintentional Insider Threat (UIT) concept highlights that insider threats might not always stem from malicious intent and can occur across various domains. This research examines how individuals with medical or p...The Unintentional Insider Threat (UIT) concept highlights that insider threats might not always stem from malicious intent and can occur across various domains. This research examines how individuals with medical or psychological issues might unintentionally become insider threats due to their perception of being targeted. Insights from the survey A Survey of Unintentional Medical Insider Threat Category indicate that such perceptions can be linked to underlying health conditions. The study Emotion Analysis Based on Belief of Targeted Individual Supporting Insider Threat Detection reveals that anger is a common emotion among these individuals. The findings suggest that UITs are often linked to medical or psychological issues, with anger being prevalent. To mitigate these risks, it is recommended that Insider Threat programs integrate expertise from medicine, psychology, and cybersecurity. Additionally, handwriting analysis is proposed as a potential tool for detecting insider threats, reflecting the evolving nature of threat assessment methodologies.展开更多
In the information era,the core business and confidential information of enterprises/organizations is stored in information systems.However,certain malicious inside network users exist hidden inside the organization;t...In the information era,the core business and confidential information of enterprises/organizations is stored in information systems.However,certain malicious inside network users exist hidden inside the organization;these users intentionally or unintentionally misuse the privileges of the organization to obtain sensitive information from the company.The existing approaches on insider threat detection mostly focus on monitoring,detecting,and preventing any malicious behavior generated by users within an organization’s system while ignoring the imbalanced ground-truth insider threat data impact on security.To this end,to be able to detect insider threats more effectively,a data processing tool was developed to process the detected user activity to generate information-use events,and formulated a Data Adjustment(DA)strategy to adjust the weight of the minority and majority samples.Then,an efficient ensemble strategy was utilized,which applied the extreme gradient boosting(XGBoost)model combined with the DA strategy to detect anomalous behavior.The CERT dataset was used for an insider threat to evaluate our approach,which was a real-world dataset with artificially injected insider threat events.The results demonstrated that the proposed approach can effectively detect insider threats,with an accuracy rate of 99.51%and an average recall rate of 98.16%.Compared with other classifiers,the detection performance is improved by 8.76%.展开更多
The security problems of wireless sensor networks (WSN) have attracted people’s wide attention. In this paper, after we have summarized the existing security problems and solutions in WSN, we find that the insider at...The security problems of wireless sensor networks (WSN) have attracted people’s wide attention. In this paper, after we have summarized the existing security problems and solutions in WSN, we find that the insider attack to WSN is hard to solve. Insider attack is different from outsider attack, because it can’t be solved by the traditional encryption and message authentication. Therefore, a reliable secure routing protocol should be proposed in order to defense the insider attack. In this paper, we focus on insider selective forwarding attack. The existing detection mechanisms, such as watchdog, multipath retreat, neighbor-based monitoring and so on, have both advantages and disadvantages. According to their characteristics, we proposed a secure routing protocol based on monitor node and trust mechanism. The reputation value is made up with packet forwarding rate and node’s residual energy. So this detection and routing mechanism is universal because it can take account of both the safety and lifetime of network. Finally, we use OPNET simulation to verify the performance of our algorithm.展开更多
Cloud computing is a high network infrastructure where users,owners,third users,authorized users,and customers can access and store their information quickly.The use of cloud computing has realized the rapid increase ...Cloud computing is a high network infrastructure where users,owners,third users,authorized users,and customers can access and store their information quickly.The use of cloud computing has realized the rapid increase of information in every field and the need for a centralized location for processing efficiently.This cloud is nowadays highly affected by internal threats of the user.Sensitive applications such as banking,hospital,and business are more likely affected by real user threats.An intruder is presented as a user and set as a member of the network.After becoming an insider in the network,they will try to attack or steal sensitive data during information sharing or conversation.The major issue in today's technological development is identifying the insider threat in the cloud network.When data are lost,compromising cloud users is difficult.Privacy and security are not ensured,and then,the usage of the cloud is not trusted.Several solutions are available for the external security of the cloud network.However,insider or internal threats need to be addressed.In this research work,we focus on a solution for identifying an insider attack using the artificial intelligence technique.An insider attack is possible by using nodes of weak users’systems.They will log in using a weak user id,connect to a network,and pretend to be a trusted node.Then,they can easily attack and hack information as an insider,and identifying them is very difficult.These types of attacks need intelligent solutions.A machine learning approach is widely used for security issues.To date,the existing lags can classify the attackers accurately.This information hijacking process is very absurd,which motivates young researchers to provide a solution for internal threats.In our proposed work,we track the attackers using a user interaction behavior pattern and deep learning technique.The usage of mouse movements and clicks and keystrokes of the real user is stored in a database.The deep belief neural network is designed using a restricted Boltzmann machine(RBM)so that the layer of RBM communicates with the previous and subsequent layers.The result is evaluated using a Cooja simulator based on the cloud environment.The accuracy and F-measure are highly improved compared with when using the existing long short-term memory and support vector machine.展开更多
Unlike external attacks,insider threats arise from legitimate users who belong to the organization.These individuals may be a potential threat for hostile behavior depending on their motives.For insider detection,many...Unlike external attacks,insider threats arise from legitimate users who belong to the organization.These individuals may be a potential threat for hostile behavior depending on their motives.For insider detection,many intrusion detection systems learn and prevent known scenarios,but because malicious behavior has similar patterns to normal behavior,in reality,these systems can be evaded.Furthermore,because insider threats share a feature space similar to normal behavior,identifying them by detecting anomalies has limitations.This study proposes an improved anomaly detection methodology for insider threats that occur in cybersecurity in which a discrete wavelet transformation technique is applied to classify normal vs.malicious users.The discrete wavelet transformation technique easily discovers new patterns or decomposes synthesized data,making it possible to distinguish between shared characteristics.To verify the efficacy of the proposed methodology,experiments were conducted in which normal users and malicious users were classified based on insider threat scenarios provided in Carnegie Mellon University’s Computer Emergency Response Team(CERT)dataset.The experimental results indicate that the proposed methodology with discrete wavelet transformation reduced the false-positive rate by 82%to 98%compared to the case with no wavelet applied.Thus,the proposed methodology has high potential for application to similar feature spaces.展开更多
The hedging problem for insiders is very important in the financial market.The locally risk minimizing hedging was adopted to solve this problem.Since the market was incomplete,the minimal martingale measure was chose...The hedging problem for insiders is very important in the financial market.The locally risk minimizing hedging was adopted to solve this problem.Since the market was incomplete,the minimal martingale measure was chosen as the equivalent martingale measure.By the F-S decomposition,the expression of the locally risk minimizing strategy was presented.Finally,the local risk minimization was applied to index tracking and its relationship with tracking error variance (TEV)-minimizing strategy was obtained.展开更多
How do auditors react to insider trading in client firms? This paper examines the effects of insider trading on the audit report date. Insiders tend to urge managers to manage earnings to make more profits through tr...How do auditors react to insider trading in client firms? This paper examines the effects of insider trading on the audit report date. Insiders tend to urge managers to manage earnings to make more profits through trading their own firm's shares. If auditors play an important role in monitoring managers, they may pay more attention to insider trading, which may delay the filing of audit reports. We find that the more the insiders trade their stocks, the longer the audit report lag is. In addition, to address the effectiveness of auditors' efforts to prevent managers from earnings management, we test whether an extra effort by auditors can reduce aggressive accounting. We also find that auditors deter aggressive accounting by stretching report lag in response to insider trading, implying that auditors' efforts weaken insiders' opportunistic behavior. This study contributes to the literature by providing evidence that insider trading is a significant determinant of the audit report lag. We suggest that auditors are interested in insiders' activity and it can enhance the quality of accounting information.展开更多
Although Brazil has a long history of having insider trading laws (IT laws) in place and became the first emerging country to enforce the IT laws (Bhattacharya & Daouk, 2002), criminal sanctions and hefty monetar...Although Brazil has a long history of having insider trading laws (IT laws) in place and became the first emerging country to enforce the IT laws (Bhattacharya & Daouk, 2002), criminal sanctions and hefty monetary penalties were only made possible by the amendment of its laws against IT on October 31, 2001. We study the stock price effects of merger announcements made by 151 firms over two periods, before and after the change of IT laws. Our empirical results suggest that target firms attained positive price run-ups in pre-announcement windows before, but not after, the legal regime change. While acquiring firms had strong positive pre-announcement reactions in both legal regimes, the abnormal returns (AR) decreased in the more stringent legal regime. These results indicate that more stringent IT laws may deter IT and improve market efficiency in an emerging country.展开更多
This study examines the relationship between earnings quality and insider trading. Using downward earnings restatement firms to identify low-quality earnings, we find that insiders outsell non-earnings restatement fir...This study examines the relationship between earnings quality and insider trading. Using downward earnings restatement firms to identify low-quality earnings, we find that insiders outsell non-earnings restatement firms of their holdings over the period from two years before to one year after the beginning of the restatement period. In addition, the amounts of restatement are positively associated with the excess insider selling. We also provide evidence that excess insider selling predicts excessive earnings manipulations that eventually lead to GAAP (Generally Accepted Accounting Principles) violation. Some researchers argued that insider trading can be an efficient way of transferring insider information to the capital markets. Our evidence of intensive insider selling in the context of earnings restatements implies that insiders disregard their fiduciary duties to the shareholders during the periods of deteriorating financial performance.展开更多
When considering Intrusion Detection and the Insider Threat, most researchers tend to focus on the network architecture rather than the database which is the primary target of data theft. It is understood that the net...When considering Intrusion Detection and the Insider Threat, most researchers tend to focus on the network architecture rather than the database which is the primary target of data theft. It is understood that the network level is adequate for many intrusions where entry into the system is being sought however it is grossly inadequate when considering the database and the authorized insider. Recent writings suggest that there have been many attempts to address the insider threat phenomena in regards to database technologies by the utilization of detection methodologies, policy management systems and behavior analysis methods however, there appears to be a lacking in the development of adequate solutions that will achieve the level of detection that is required. While it is true that Authorization is the cornerstone to the security of the database implementation, authorization alone is not enough to prevent the authorized entity from initiating malicious activities in regards to the data stored within the database. Behavior of the authorized entity must also be considered along with current data access control policies. Each of the previously mentioned approaches to intrusion detection at the database level has been considered individually, however, there has been limited research in producing a multileveled approach to achieve a robust solution. The research presented outlines the development of a detection framework by introducing a process that is to be implemented in conjunction with information requests. By utilizing this approach, an effective and robust methodology has been achieved that can be used to determine the probability of an intrusion by the authorized entity, which ultimately address the insider threat phenomena at its most basic level.展开更多
Virtualization technology plays a key role in cloud computing.Thus,the security issues of virtualization tools(hypervisors,emulators,etc.) should be under precise consideration.However,threats of insider attacks are...Virtualization technology plays a key role in cloud computing.Thus,the security issues of virtualization tools(hypervisors,emulators,etc.) should be under precise consideration.However,threats of insider attacks are underestimated.The virtualization tools and hypervisors have been poorly protected from this type of attacks.Furthermore,hypervisor is one of the most critical elements in cloud computing infrastructure.Firstly,hypervisor vulnerabilities analysis is provided.Secondly,a formal model of insider attack on hypervisor is developed.Consequently,on the basis of the formal attack model,we propose a new methodology of hypervisor stability evaluation.In this paper,certain security countermeasures are considered that should be integrated in hypervisor software architecture.展开更多
From the perspective of the insiders and outsiders,this study explores the influence of differential leadership on employees’affective commitment and the moderating effect of leader’s self-enhancing humor and indivi...From the perspective of the insiders and outsiders,this study explores the influence of differential leadership on employees’affective commitment and the moderating effect of leader’s self-enhancing humor and individual traditionality.The results show that the differential leadership has a positive impact on the organizational affective commitment of employees,the leader’s self-enhancing humor and the employees’traditionality play a positive regulatory role respectively.Moreover,compared with the outsiders,the low traditionality has a stronger influence on the relationship between differential leadership and organizational affective commitment of the insiders.This paper enriches the research on the influence of leadership style on employee’s affective commitment,proposes and verifies the moderation of leader’s self-enhancing humor and employee’s traditionality,which complements the boundary conditions for the effectiveness of differential leadership style.展开更多
A general model of insider trading on a dynamic asset in a finite time interval is proposed,in which an insider possesses the whole information on the dynamic values,noise traders without any information submit orders...A general model of insider trading on a dynamic asset in a finite time interval is proposed,in which an insider possesses the whole information on the dynamic values,noise traders without any information submit orders randomly as a martingale with volatility following a stochastic process,and market makers observe partial information when setting price in a semi-strong efficient way.With the help of filtering theory,BSDE method and dynamic programming principle,we establish a market equilibrium consisting of linear insider trading strategy and linear pricing rule,with the later characterized by price pressure on market orders and price pressure on asset observations.It shows that in the equilibrium,all the information on the risky asset is incorporated into the market price at the end of the transaction,and price pressure on market orders is a submartingale while market depth process is a martingale.Furthermore,as market makers'information precision on the asset tends to zero,the equilibrium with partial observation of market makers on the risky asset converges to the one without partial observation of market makers,while when market makers observe almost all of information on the asset,the expected profit earned by the insider makes almost zero,which is in accord with our economic intuition.Our results cover some classical results about continuous-time insider trading on a static asset.展开更多
Insider threats represent a pressing security challenge for the global aviation sector,particularly within Australia.The International Air Transport Association(IATA)recognises these threats as coming from individuals...Insider threats represent a pressing security challenge for the global aviation sector,particularly within Australia.The International Air Transport Association(IATA)recognises these threats as coming from individuals with privileged access who may intentionally or inadvertently compromise security.This research evaluates how the Australian aviation industry understands and manages insider threats,emphasising the lack of a standard defi-nition that could contribute to a lax security posture.Through a Systematic Literature Review(SLR),the study synthesises pertinent academic and industry literature,contrasting the Australian context with international perspectives to identify gaps in knowledge and practices.The methodology ensures a balanced and unbiased overview of the current discourse.Findings reveal that the Australian aviation industry’s approach to insider threats is hampered by the absence of a consistent definition,inadequate awareness,and a tendency to prioritise physical security measures over a broader spectrum of risks.Furthermore,there is a discernible cultural resis-tance to regular vetting processes.Recommendations include establishing a clear,widely recognised definition of insider threats within the aviation industry,increasing research into the distinct characteristics of these threats in Australia,and integrating ICAO guidelines and global best practices into local procedures.Promoting a vigilant security culture and enhancing vetting and training regimes are also advised.This research underscores the need for a comprehensive and proactive strategy against insider threats in Australian aviation.By adopting a vigilant,educated approach and international best practices,the industry can substantially strengthen its defence against these complex and nuanced risks.展开更多
基金supported by the Major Research Project of Philosophy and Social Sciences in Universities of Henan Province(2025-JCZD-10)the Natural Science Foundation of Henan Province(242300421311).
文摘This study examined the relationship between leader-employee calling congruence on employees’voice behaviour.Participants were 173 leader-employee dyads from the Chinese service industry.They completed online surveys on calling,perceived insider status,and voice behaviour.Results from polynomial regression and response surface analysis showed that employees perceived insider status to be weaker with the low leader-low subordinate calling congruence,and stronger with high leader and high subordinate calling congruence.Employees perceived insider status is stronger in low leader and high subordinate calling incongruence compared with high leader and low subordinate calling incongruence.Perceived insider status plays a mediating role among calling congruence and voice behaviour.This study’sfindings suggest pathways of calling congruence on voice behaviour,which are important for promoting employee voice behaviour and guiding organisational recruitment in the workplace.
文摘A model of continuous-time insider trading in which a risk-neutral in-sider possesses two imperfect correlated signals of a risky asset is studied.By conditional expectation theory and filtering theory,we first establish three lemmas:normal corre-lation,equivalent pricing and equivalent profit,which can guarantee to turn our model into a model with insider knowing full information.Then we investigate the impact of the two correlated signals on the market equilibrium consisting of optimal insider trading strategy and semi-strong pricing rule.It shows that in the equilibrium,(1)the market depth is constant over time;(2)if the two noisy signals are not linerly correlated,then all private information of the insider is incorporated into prices in the end while the whole information on the asset value can not incorporated into prices in the end;(3)if the two noisy signals are linear correlated such that the insider can infer the whole information of the asset value,then our model turns into a model with insider knowing full information;(4)if the two noisy signals are the same then the total ex ant profit of the insider is increasing with the noise decreasing,while down to O as the noise going up to infinity;(5)if the two noisy signals are not linear correlated then with one noisy signal fixed,the total ex ante profit of the insider is single-peaked with a unique minimum with respect to the other noisy signal value,and furthermore as the noisy value going to O it gets its maximum,the profit in the case that the real value is observed.
基金Supported by the National Natural Science Foundation of China(No.62203390)the Science and Technology Project of China TobaccoZhejiang Industrial Co.,Ltd(No.ZJZY2022E004)。
文摘In the tobacco industry,insider employee attack is a thorny problem that is difficult to detect.To solve this issue,this paper proposes an insider threat detection method based on heterogeneous graph embedding.First,the interrelationships between logs are fully considered,and log entries are converted into heterogeneous graphs based on these relationships.Second,the heterogeneous graph embedding is adopted and each log entry is represented as a low-dimensional feature vector.Then,normal logs and malicious logs are classified into different clusters by clustering algorithm to identify malicious logs.Finally,the effectiveness and superiority of the method is verified through experiments on the CERT dataset.The experimental results show that this method has better performance compared to some baseline methods.
文摘The Unintentional Insider Threat (UIT) concept highlights that insider threats might not always stem from malicious intent and can occur across various domains. This research examines how individuals with medical or psychological issues might unintentionally become insider threats due to their perception of being targeted. Insights from the survey A Survey of Unintentional Medical Insider Threat Category indicate that such perceptions can be linked to underlying health conditions. The study Emotion Analysis Based on Belief of Targeted Individual Supporting Insider Threat Detection reveals that anger is a common emotion among these individuals. The findings suggest that UITs are often linked to medical or psychological issues, with anger being prevalent. To mitigate these risks, it is recommended that Insider Threat programs integrate expertise from medicine, psychology, and cybersecurity. Additionally, handwriting analysis is proposed as a potential tool for detecting insider threats, reflecting the evolving nature of threat assessment methodologies.
基金This work was financially supported by“the National Key R&D Program of China”(No.2018YFB0803602)exploration and practice on the education mode for engineering students based on technology,literature and art interdisciplinary integration with the Internet+background(No.022150118004/001)。
文摘In the information era,the core business and confidential information of enterprises/organizations is stored in information systems.However,certain malicious inside network users exist hidden inside the organization;these users intentionally or unintentionally misuse the privileges of the organization to obtain sensitive information from the company.The existing approaches on insider threat detection mostly focus on monitoring,detecting,and preventing any malicious behavior generated by users within an organization’s system while ignoring the imbalanced ground-truth insider threat data impact on security.To this end,to be able to detect insider threats more effectively,a data processing tool was developed to process the detected user activity to generate information-use events,and formulated a Data Adjustment(DA)strategy to adjust the weight of the minority and majority samples.Then,an efficient ensemble strategy was utilized,which applied the extreme gradient boosting(XGBoost)model combined with the DA strategy to detect anomalous behavior.The CERT dataset was used for an insider threat to evaluate our approach,which was a real-world dataset with artificially injected insider threat events.The results demonstrated that the proposed approach can effectively detect insider threats,with an accuracy rate of 99.51%and an average recall rate of 98.16%.Compared with other classifiers,the detection performance is improved by 8.76%.
文摘The security problems of wireless sensor networks (WSN) have attracted people’s wide attention. In this paper, after we have summarized the existing security problems and solutions in WSN, we find that the insider attack to WSN is hard to solve. Insider attack is different from outsider attack, because it can’t be solved by the traditional encryption and message authentication. Therefore, a reliable secure routing protocol should be proposed in order to defense the insider attack. In this paper, we focus on insider selective forwarding attack. The existing detection mechanisms, such as watchdog, multipath retreat, neighbor-based monitoring and so on, have both advantages and disadvantages. According to their characteristics, we proposed a secure routing protocol based on monitor node and trust mechanism. The reputation value is made up with packet forwarding rate and node’s residual energy. So this detection and routing mechanism is universal because it can take account of both the safety and lifetime of network. Finally, we use OPNET simulation to verify the performance of our algorithm.
文摘Cloud computing is a high network infrastructure where users,owners,third users,authorized users,and customers can access and store their information quickly.The use of cloud computing has realized the rapid increase of information in every field and the need for a centralized location for processing efficiently.This cloud is nowadays highly affected by internal threats of the user.Sensitive applications such as banking,hospital,and business are more likely affected by real user threats.An intruder is presented as a user and set as a member of the network.After becoming an insider in the network,they will try to attack or steal sensitive data during information sharing or conversation.The major issue in today's technological development is identifying the insider threat in the cloud network.When data are lost,compromising cloud users is difficult.Privacy and security are not ensured,and then,the usage of the cloud is not trusted.Several solutions are available for the external security of the cloud network.However,insider or internal threats need to be addressed.In this research work,we focus on a solution for identifying an insider attack using the artificial intelligence technique.An insider attack is possible by using nodes of weak users’systems.They will log in using a weak user id,connect to a network,and pretend to be a trusted node.Then,they can easily attack and hack information as an insider,and identifying them is very difficult.These types of attacks need intelligent solutions.A machine learning approach is widely used for security issues.To date,the existing lags can classify the attackers accurately.This information hijacking process is very absurd,which motivates young researchers to provide a solution for internal threats.In our proposed work,we track the attackers using a user interaction behavior pattern and deep learning technique.The usage of mouse movements and clicks and keystrokes of the real user is stored in a database.The deep belief neural network is designed using a restricted Boltzmann machine(RBM)so that the layer of RBM communicates with the previous and subsequent layers.The result is evaluated using a Cooja simulator based on the cloud environment.The accuracy and F-measure are highly improved compared with when using the existing long short-term memory and support vector machine.
基金This work was supported by the Research Program through the National Research Foundation of Korea,NRF-2022R1F1A1073375。
文摘Unlike external attacks,insider threats arise from legitimate users who belong to the organization.These individuals may be a potential threat for hostile behavior depending on their motives.For insider detection,many intrusion detection systems learn and prevent known scenarios,but because malicious behavior has similar patterns to normal behavior,in reality,these systems can be evaded.Furthermore,because insider threats share a feature space similar to normal behavior,identifying them by detecting anomalies has limitations.This study proposes an improved anomaly detection methodology for insider threats that occur in cybersecurity in which a discrete wavelet transformation technique is applied to classify normal vs.malicious users.The discrete wavelet transformation technique easily discovers new patterns or decomposes synthesized data,making it possible to distinguish between shared characteristics.To verify the efficacy of the proposed methodology,experiments were conducted in which normal users and malicious users were classified based on insider threat scenarios provided in Carnegie Mellon University’s Computer Emergency Response Team(CERT)dataset.The experimental results indicate that the proposed methodology with discrete wavelet transformation reduced the false-positive rate by 82%to 98%compared to the case with no wavelet applied.Thus,the proposed methodology has high potential for application to similar feature spaces.
基金National Natural Science Foundations of China (No. 11071076,No. 11126124)
文摘The hedging problem for insiders is very important in the financial market.The locally risk minimizing hedging was adopted to solve this problem.Since the market was incomplete,the minimal martingale measure was chosen as the equivalent martingale measure.By the F-S decomposition,the expression of the locally risk minimizing strategy was presented.Finally,the local risk minimization was applied to index tracking and its relationship with tracking error variance (TEV)-minimizing strategy was obtained.
文摘How do auditors react to insider trading in client firms? This paper examines the effects of insider trading on the audit report date. Insiders tend to urge managers to manage earnings to make more profits through trading their own firm's shares. If auditors play an important role in monitoring managers, they may pay more attention to insider trading, which may delay the filing of audit reports. We find that the more the insiders trade their stocks, the longer the audit report lag is. In addition, to address the effectiveness of auditors' efforts to prevent managers from earnings management, we test whether an extra effort by auditors can reduce aggressive accounting. We also find that auditors deter aggressive accounting by stretching report lag in response to insider trading, implying that auditors' efforts weaken insiders' opportunistic behavior. This study contributes to the literature by providing evidence that insider trading is a significant determinant of the audit report lag. We suggest that auditors are interested in insiders' activity and it can enhance the quality of accounting information.
文摘Although Brazil has a long history of having insider trading laws (IT laws) in place and became the first emerging country to enforce the IT laws (Bhattacharya & Daouk, 2002), criminal sanctions and hefty monetary penalties were only made possible by the amendment of its laws against IT on October 31, 2001. We study the stock price effects of merger announcements made by 151 firms over two periods, before and after the change of IT laws. Our empirical results suggest that target firms attained positive price run-ups in pre-announcement windows before, but not after, the legal regime change. While acquiring firms had strong positive pre-announcement reactions in both legal regimes, the abnormal returns (AR) decreased in the more stringent legal regime. These results indicate that more stringent IT laws may deter IT and improve market efficiency in an emerging country.
文摘This study examines the relationship between earnings quality and insider trading. Using downward earnings restatement firms to identify low-quality earnings, we find that insiders outsell non-earnings restatement firms of their holdings over the period from two years before to one year after the beginning of the restatement period. In addition, the amounts of restatement are positively associated with the excess insider selling. We also provide evidence that excess insider selling predicts excessive earnings manipulations that eventually lead to GAAP (Generally Accepted Accounting Principles) violation. Some researchers argued that insider trading can be an efficient way of transferring insider information to the capital markets. Our evidence of intensive insider selling in the context of earnings restatements implies that insiders disregard their fiduciary duties to the shareholders during the periods of deteriorating financial performance.
文摘When considering Intrusion Detection and the Insider Threat, most researchers tend to focus on the network architecture rather than the database which is the primary target of data theft. It is understood that the network level is adequate for many intrusions where entry into the system is being sought however it is grossly inadequate when considering the database and the authorized insider. Recent writings suggest that there have been many attempts to address the insider threat phenomena in regards to database technologies by the utilization of detection methodologies, policy management systems and behavior analysis methods however, there appears to be a lacking in the development of adequate solutions that will achieve the level of detection that is required. While it is true that Authorization is the cornerstone to the security of the database implementation, authorization alone is not enough to prevent the authorized entity from initiating malicious activities in regards to the data stored within the database. Behavior of the authorized entity must also be considered along with current data access control policies. Each of the previously mentioned approaches to intrusion detection at the database level has been considered individually, however, there has been limited research in producing a multileveled approach to achieve a robust solution. The research presented outlines the development of a detection framework by introducing a process that is to be implemented in conjunction with information requests. By utilizing this approach, an effective and robust methodology has been achieved that can be used to determine the probability of an intrusion by the authorized entity, which ultimately address the insider threat phenomena at its most basic level.
文摘Virtualization technology plays a key role in cloud computing.Thus,the security issues of virtualization tools(hypervisors,emulators,etc.) should be under precise consideration.However,threats of insider attacks are underestimated.The virtualization tools and hypervisors have been poorly protected from this type of attacks.Furthermore,hypervisor is one of the most critical elements in cloud computing infrastructure.Firstly,hypervisor vulnerabilities analysis is provided.Secondly,a formal model of insider attack on hypervisor is developed.Consequently,on the basis of the formal attack model,we propose a new methodology of hypervisor stability evaluation.In this paper,certain security countermeasures are considered that should be integrated in hypervisor software architecture.
文摘From the perspective of the insiders and outsiders,this study explores the influence of differential leadership on employees’affective commitment and the moderating effect of leader’s self-enhancing humor and individual traditionality.The results show that the differential leadership has a positive impact on the organizational affective commitment of employees,the leader’s self-enhancing humor and the employees’traditionality play a positive regulatory role respectively.Moreover,compared with the outsiders,the low traditionality has a stronger influence on the relationship between differential leadership and organizational affective commitment of the insiders.This paper enriches the research on the influence of leadership style on employee’s affective commitment,proposes and verifies the moderation of leader’s self-enhancing humor and employee’s traditionality,which complements the boundary conditions for the effectiveness of differential leadership style.
基金supported by the National Natural Science Foundation of China(No.11861025)Guizhou QKZYD[2022](No.4055)Natural Science Research Project of Guizhou Provincial Department of Education(No.QJJ[2023]011)。
文摘A general model of insider trading on a dynamic asset in a finite time interval is proposed,in which an insider possesses the whole information on the dynamic values,noise traders without any information submit orders randomly as a martingale with volatility following a stochastic process,and market makers observe partial information when setting price in a semi-strong efficient way.With the help of filtering theory,BSDE method and dynamic programming principle,we establish a market equilibrium consisting of linear insider trading strategy and linear pricing rule,with the later characterized by price pressure on market orders and price pressure on asset observations.It shows that in the equilibrium,all the information on the risky asset is incorporated into the market price at the end of the transaction,and price pressure on market orders is a submartingale while market depth process is a martingale.Furthermore,as market makers'information precision on the asset tends to zero,the equilibrium with partial observation of market makers on the risky asset converges to the one without partial observation of market makers,while when market makers observe almost all of information on the asset,the expected profit earned by the insider makes almost zero,which is in accord with our economic intuition.Our results cover some classical results about continuous-time insider trading on a static asset.
文摘Insider threats represent a pressing security challenge for the global aviation sector,particularly within Australia.The International Air Transport Association(IATA)recognises these threats as coming from individuals with privileged access who may intentionally or inadvertently compromise security.This research evaluates how the Australian aviation industry understands and manages insider threats,emphasising the lack of a standard defi-nition that could contribute to a lax security posture.Through a Systematic Literature Review(SLR),the study synthesises pertinent academic and industry literature,contrasting the Australian context with international perspectives to identify gaps in knowledge and practices.The methodology ensures a balanced and unbiased overview of the current discourse.Findings reveal that the Australian aviation industry’s approach to insider threats is hampered by the absence of a consistent definition,inadequate awareness,and a tendency to prioritise physical security measures over a broader spectrum of risks.Furthermore,there is a discernible cultural resis-tance to regular vetting processes.Recommendations include establishing a clear,widely recognised definition of insider threats within the aviation industry,increasing research into the distinct characteristics of these threats in Australia,and integrating ICAO guidelines and global best practices into local procedures.Promoting a vigilant security culture and enhancing vetting and training regimes are also advised.This research underscores the need for a comprehensive and proactive strategy against insider threats in Australian aviation.By adopting a vigilant,educated approach and international best practices,the industry can substantially strengthen its defence against these complex and nuanced risks.
