Employees who maliciously steal confidential information or sabotage critical information systems are a growing threat to individual organizations, as well as to our national security. In response, for the past two years, HumRRO has served on a multidisciplinary team to develop models for predicting and detecting malicious insider attacks.
HumRRO researchers Dr. Elise Axelrad and Dr. Paul Sticha recently presented a paper summarizing HumRRO’s contributions to this effort, “A Bayesian Network Model for Predicting Insider Threats”, at the Workshop on Research for Insider Threat (WRIT). WRIT was part of the IEEE Computer Society Security and Privacy Workshops and was sponsored by IBM, Microsoft Research, and Raytheon.
The paper, co-authored with researchers from Xerox PARC, describes the development and testing of a model that answers the following questions:
- What stable psychological factors contribute to malicious insider behavior?
- What dynamic personal and environmental factors increase the risk of insider attacks (e.g., life or work stressors)?
- How do these stable and dynamic factors combine to best predict insider attacks?