Document Type


Publication Date



Despite a technology bias that focuses on external electronic threats, insiders pose the greatest threat to an organisation. This paper discusses an approach to assist investigators in identifying potential insider threats. We discern employees' interests from e-mail using an extended version of PLSI. These interests are transformed into implicit and explicit social network graphs, which are used to locate potential insiders by identifying individuals who feel alienated from the organisation or have a hidden interest in a sensitive topic. By applying this technique to the Enron e-mail corpus, a small number of employees appear as potential insider threats.


Copyright © 2008 Inderscience Enterprises Ltd.

AFIT Scholar furnishes the draft version of this article. The published version of record appears in International Journal of Security and Networks and is available by subscription through the DOI link in the citation below.

Shared in accordance with archiving rules posted at Sherpa for this journal.



Source Publication

International Journal of Security and Networks