Using Internet activity profiling for insider-threat detectionReport as inadecuate

Using Internet activity profiling for insider-threat detection - Download this document for free, or read online. Document in PDF available to download.

Reference: Bushra A. Alahmadi, Philip A. Legg and Jason R. C. Nurse, Using Internet activity profiling for insider-threat detection.Citable link to this page:


Using Internet activity profiling for insider-threat detection

Abstract: The insider-threat problem continues to be a major risk to both public and private sectors, where those peoplewho have privileged knowledge and access choose to abuse this in some way to cause harm towards theirorganisation. To combat against this, organisations are beginning to invest heavily in deterrence monitoringtools to observe employees’ activity, such as computer access, Internet browsing, and email communications.Whilst such tools may provide some way towards detecting attacks afterwards, what may be more useful ispreventative monitoring, where user characteristics and behaviours inform about the possibility of an attackbefore it happens. Psychological research advocates that the behaviour and preference of a person can beexplained to a great extent by psychological constructs called personality traits, which could then possiblyindicate the likelihood of an individual being a potential insider threat. By considering how browsing contentrelates to psychological constructs (such as OCEAN), and how an individual’s browsing behaviour deviatesover time, potential insider-threats could be uncovered before significant damage is caused. The main contributionin this paper is to explore how Internet browsing activity could be used to predict the individual’spsychological characteristics in order to detect potential insider-threats. Our results demonstrate that predictiveassessment can be made between the content available on a website, and the associated personality traits,which could greatly improve the prospects of preventing insider attacks.

Publication status:AcceptedPeer Review status:Peer reviewedVersion:Accepted ManuscriptNotes:Copyright © 2015 INSTICC. This paper was accepted for 12th Special Session on Security in Information Systems - WOSIS 2015.

Bibliographic Details

Publisher: Institute for Systems and Technologies of Information, Control and Communication

Publisher Website:

Host: 12th International Workshop on Security in Information Systemssee more from them

Publication Website:

Copyright Date: 2015 Identifiers

Urn: uuid:fcb91435-815f-4917-921b-a4b4b8dff542 Item Description

Type: Conference paper;

Language: en

Version: Accepted ManuscriptKeywords: insider-threat detection behavioural analysis Internet activity psychological traits Tiny URL: ora:10697


Author: Bushra A. Alahmadi - institutionUniversity of Oxford facultyMathematical, Physical and Life Sciences Division - Department of Com



Related documents