Mitigating Insider Threat Using Human Behavior Influence Models
Abstract
Insider threat is rapidly becoming the largest information security problem that organizations face. With large numbers of personnel having access to internal systems, it is becoming increasingly difficult to protect organizations from malicious insiders. The typical methods of mitigating insider threat are simply not working, primarily because this threat is a people problem, and most mitigation strategies are geared towards profiling and anomaly detection, which are problematic at best. As a result, a new type of model is proposed in this thesis, one that incorporates risk management with human behavioral science. The new risk-based model focuses on observable influences that affect employees, and identifies employees with increased risk of becoming malicious insiders. The model's primary purpose is to differentiate malicious and non-malicious employees. This research details the need for the model, the model's components, and how it works. The model is tested using an in-depth case study on Robert Hanssen, the FBI's double agent who sold the Soviets secrets for more than 20 years. Implemented with the right tool, the new model has great potential for use by security personnel in their efforts to mitigate insider threat damage.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jun 01, 2006
- Accession Number
- ADA453987
Entities
People
- Anthony J. Puleo
Organizations
- Air Force Institute of Technology