Date of Award

6-2006

Document Type

Thesis

Degree Name

Master of Science

Department

Department of Electrical and Computer Engineering

First Advisor

Robert F. Mills, PhD

Abstract

Insider threat is rapidly becoming the largest information security problem that organizations face. With large numbers of personnel having access to internal systems, it is becoming increasingly difficult to protect organizations from malicious insiders. The typical methods of mitigating insider threat are simply not working, primarily because this threat is a people problem, and most mitigation strategies are geared towards profiling and anomaly detection, which are problematic at best. As a result, a new type of model is proposed in this thesis, one that incorporates risk management with human behavioral science. The new risk-based model focuses on observable influences that affect employees, and identifies employees with increased risk of becoming malicious insiders. The model's primary purpose is to differentiate malicious and non-malicious employees. This research details the need for the model, the model's components, and how it works. The model is tested using an in-depth case study on Robert Hanssen, the FBI's double agent who sold the Soviets secrets for more than 20 years. Implemented with the right tool, the new model has great potential for use by security personnel in their efforts to mitigate insider threat damage.

AFIT Designator

AFIT-GCE-ENG-06-04

DTIC Accession Number

ADA453987

Share

COinS