In this paper, we study advanced persistent threats (APTs) with an insider who has different preferences. To address the uncertainty of the insider's preference, we propose BG-FlipIn: a Bayesian game framework for FlipIt-insider models with an investigation on malicious, inadvertent, or corrupt insiders. We calculate the closed-form Bayesian Nash Equilibrium expression and further obtain three edge cases with deterministic insiders, together with their corresponding Nash Equilibrium expressions. On this basis, we further discover several phenomena in APTs related to the defender's move rate and cost, as well as the insider's preferences. We then provide decision-making guidance for the defender, given different parametric conditions. Two applications validate that our BG-FlipIn framework enables the defender to make decisions consistently, without having to detect the insider's concrete preference or adjust its strategy frequently.