Malicious Insider Threat Detection: A Conceptual Model

Tesleem Fagade, Theo Tryfonas

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)

150 Downloads (Pure)


The advent of Internet technologies, growing number of sophisticated hacking tools and mobile workforce creates a new dimension to the malicious insider problem for many organisations. In spite of the significant interest from researchers and industry experts, trusted employees with elevated access continue to pose insider challenges to organisation risk mitigation efforts. It is suggested that malicious insiders show certain personality traits, leave behind digital footprints and observable cyber risk behaviour in advance of an attack. This work offers a different perspective to address the insider problem by drawing concepts from behavioural theory, personality profiling and digital trails auditing. Instead of isolated treatments, our approach
considers the intersection of different risk domains and aggregates risk scores from each as a predictor of malicious insider activities. This model has significant implication for security professionals, to draw insight from inextricably linked risk domains within the context of cybersecurity management. However, substantial empirical work is still needed to evaluate the model in real world cases.
Original languageEnglish
Title of host publicationSecurity and Protection of Information 2017 (SPI)
Place of PublicationBrno, Czech Republic
PublisherUniversity of Defence
Publication statusE-pub ahead of print - 1 Jun 2017
EventSecurity and Protection of Information - SPI 2017 - University of Defence, Brno, Czech Republic
Duration: 1 Jun 20172 Jun 2017

Publication series

NameSecurity and Protection of Information
PublisherUniversity of Defence
ISSN (Print)2336-5587


ConferenceSecurity and Protection of Information - SPI 2017
CountryCzech Republic

Fingerprint Dive into the research topics of 'Malicious Insider Threat Detection: A Conceptual Model'. Together they form a unique fingerprint.

Cite this