Date of Award


Document Type


Degree Name

Master of Science


Department of Electrical and Computer Engineering

First Advisor

Robert F. Mills, PhD


Insider threat is rapidly becoming the largest information security problem that organizations face. With large numbers of personnel having access to internal systems, it is becoming increasingly difficult to protect organizations from malicious insiders. The typical methods of mitigating insider threat are simply not working, primarily because this threat is a people problem, and most mitigation strategies are geared towards profiling and anomaly detection, which are problematic at best. As a result, a new type of model is proposed in this thesis, one that incorporates risk management with human behavioral science. The new risk-based model focuses on observable influences that affect employees, and identifies employees with increased risk of becoming malicious insiders. The model's primary purpose is to differentiate malicious and non-malicious employees. This research details the need for the model, the model's components, and how it works. The model is tested using an in-depth case study on Robert Hanssen, the FBI's double agent who sold the Soviets secrets for more than 20 years. Implemented with the right tool, the new model has great potential for use by security personnel in their efforts to mitigate insider threat damage.

AFIT Designator


DTIC Accession Number