Document Type

Conference Proceeding

Publication Date

6-2006

Abstract

Preventing and detecting the malicious insider is an inherently difficult problem that expands across many areas of expertise such as social, behavioral and technical disciplines. Unfortunately, current methodologies to combat the insider threat have had limited success primarily because techniques have focused on these areas in isolation. The technology community is searching for technical solutions such as anomaly detection systems, data mining and honeypots. The law enforcement and counterintelligence communities, however, have tended to focus on human behavioral characteristics to identify suspicious activities. These independent methods have limited effectiveness because of the unique dynamics associated with the insider threat. The solution requires a multidisciplinary approach with a clearly defined methodology that attacks the problem in an organized and consistent manner. The purpose of this paper is to present a framework that provides a systematic way to identify the malicious insider and describe a methodology to counter the threat. Our model, the Multidiscipline Approach to Mitigating the Insider Threat (MAMIT), introduces a novel process for addressing this challenge. MAMIT focuses on the collaboration of information from the relative disciplines and uses indicators to produce a consolidated matrix demonstrating the likelihood of an individual being a malicious insider. The well-known espionage case study involving Robert Hanssen is used to illustrate the effectiveness of the framework.

Comments

AFIT Scholar furnishes a draft version of this ICIW conference paper.

Source Publication

International Conference on I-Warfare and Security, ICIW 2006

Share

COinS