Journals Proceedings

Abstract

Many Information Security (IS) researchers emphasize the importance of human factor within information security. The main problem is that the ones responsible for information security do not take the thoughts, feelings and behavior of employees into account. It is common for organization management and people responsible for security not to listen to employees but mainly deal with commanding them. Unintelligent countermeasures may result in employees behaving in a way that would negatively affect security, because security solutions are developed to attempt to protect information, but the human factor is often left without attention. Taxonomy is an important milestone for this work because it will enhance the ability to examine the problem in a more systematic way and will eventually contribute to the establishment of a behavior-based intrusion detection model. The taxonomy work here covers a more recent and up-to-date taxonomy effort with increased dimensions and features. None of the previous taxonomies are directly related with the detection of human threats. By doing so, we create chances to measure the detection rate of attack types