@techreport{oai:ipsj.ixsq.nii.ac.jp:00235310,
 author = {小高, 佑紀 and 長谷川, 皓一 and 高倉, 弘喜 and Yuki, Kodaka and Hirokazu, Hasegawa and Hiroki, Takakura},
 issue = {9},
 month = {Jul},
 note = {外部からのサイバー攻撃に比べ，組織構成員によって引き起こされる内部脅威では，初期段階でも脅威が組織内の広範囲に及び業務中断などの影響が大きくなる．さらに，構成員が通常業務に偽装して不正な活動を試みた場合，情報リソースへのアクセス権限違反など挙動履歴からの検知は困難となる．そこで本稿では，組織構成員の心理的状況と情報リソースの業務影響度を考慮した内部脅威対策手法を提案する．システムでの操作履歴に加え，組織が保有するストレステストや降格，減給等の人事データから各構成員の心理的状況を推定し，内部脅威となりうるリスク評価を行う．また，業務における使用状況を元に，情報リソースの流出や使用不能となった場合に組織が受ける影響度評価も行う．これらの評価に基づき，組織運営において脅威となる可能性が高い活動の防止，実行済みの活動に対するロールバックやさらなる活動を抑止するなどの対策を実施することで業務への影響を最小限に留める．, Compared to external cyberattacks, insider threats caused by organizational members can spread more widely within the organization even at an early stage, leading to significant impacts such as business interruptions. Furthermore, when members attempt illicit activities disguised as routine operations, it becomes challenging to detect these actions from behavioral history, such as violations of access privileges to information resources. Therefore, this paper proposes a countermeasure against insider threats regarding the psychological state of organizational members and the business impact of information resources. In addition to system operation history, the psychological state of each member is estimated using Human Resource data such as stress tests, demotions, and salary reductions, which are held by the organization. Based on these evaluations, we assess the risk of potential insider threats. Additionally, we evaluate the impact on the organization if information resources are leaked or become unusable, based on their usage in operations. By implementing countermeasures to prevent high-risk activities, roll back executed activities, and suppress further actions, we aim to minimize the impact on business operations.},
 title = {組織構成員の心理的状況と情報リソースの業務影響度を考慮した内部脅威対策手法},
 year = {2024}
}