Insider Attack and Cyber Security: Beyond the Hacker defines the nature and scope of insider problems as viewed by the financial industry. This edited volume is based on the first workshop on Insider Attack and Cyber Security, IACS 2007. The workshop was a joint effort from the Information Security Departments of Columbia University and Dartmouth College. This book sets an agenda for an ongoing research initiative to solve one of the most vexing problems encountered in security, and includes the following topics: critical IT infrastructure, insider threats, awareness and dealing with nefarious human activities in a manner that respects individual liberties and privacy policies of organizations while providing the best protection of critical resources and services. In some sense, the insider problem is the ultimate security problem. This volume concludes with technical and legal challenges facing researchers who study and propose solutions to mitigate insider attacks.

Insider Attack and Cyber Security: Beyond the Hacker defines the nature and scope of insider problems as viewed by the financial industry. This edited volume is based on the first workshop on Insider Attack and Cyber Security, IACS 2007. The workshop was a joint effort from the Information Security Departments of Columbia University and Dartmouth College.

This book sets an agenda for an ongoing research initiative to solve one of the most vexing problems encountered in security, and includes the following topics: critical IT infrastructure, insider threats, awareness and dealing with nefarious human activities in a manner that respects individual liberties and privacy policies of organizations while providing the best protection of critical resources and services. In some sense, the insider problem is the ultimate security problem. This volume concludes with technical and legal challenges facing researchers who study and propose solutions to mitigate insider attacks.

ACNS2008, the6thInternationalConferenceonAppliedCryptographyandN- work Security, was held in New York, New York, June 3-6, 2008, at Columbia University. ACNS 2008 was organized in cooperation with the International - sociation for Cryptologic Research (IACR) and the Department of Computer Science at Columbia University. The General Chairs of the conference were - gelos Keromytis and Moti Yung. The conference received 131 submissions, of which the Program Committee, chairedbyStevenBellovinandRosarioGennaro, selected 30 for presentation at the conference. The Best Student Paper Award was given to Liang Xie and Hui Song for their paper "On the E?ectiveness of Internal Patch Dissemination Against File-Sharing Worms" (co-authored with Sencun Zhu). These proceedings consist of revised versions of the presented papers. The revisions werenot reviewed.The authors bear full responsibility for the contents of their papers. Thereweremany submissionsof goodquality, and consequentlythe selection process was challenging and very competitive. Indeed, a number of good papers were not accepted due to lack of space in the program. The main considerations in selecting the program were conceptual and technical innovation and quality of presentation. As re?ected in the Call for Papers, an attempt was made to solicit and publish papers suggesting novel paradigms, original directions, or non-traditional perspectives.