查看文章

Insider attacks are becoming increasingly detrimental and frequent, affecting critical infrastructure at a massive scale. Recent attacks such as the U.K. National Health Service WannaCry ransomware attack which partly depends on internal users for initial infection highlight the increasing role of the malicious insiders in cyber-attack campaigns. The objective of this research is to ascertain the existing technological capability to mitigate insider threats within computer security systems by way of a mixed-method systematic review. Evidence was acquired from major sources of mainstream and grey literature by analyzing about 300 000 papers. Crude aggregated results were analyzed across the literature, and the results were TPR 0.75, FPR 0.32, σ 0.24 and 0.36, respectively, and σ2 0.06 and 0.13, respectively. In totality, the literature evidence suggests that there is high heterogeneity across crude data indicating that …