It has long been recognized that solutions to insider threat are mainly user-centric and several psychological and psychosocial models have been proposed. However, user behavior underlying these malicious acts is still not fully... more
It has long been recognized that solutions to insider threat are mainly user-centric and several psychological and psychosocial models have been proposed. However, user behavior underlying these malicious acts is still not fully understood, motivating further investigation at the neuro-physiological level. In this work, we conduct a multi-modal study of how users-brain processes malicious and benign activities. In particular, we focus on using Electroencephalogram (EEG) signals that arise from the user's brain activities and eye tracking which can capture spontaneous responses that are unfiltered by the conscious mind. We conduct human study experiments to capture the Electroencephalogram (EEG) signals for a group of 25 participants while performing several computer-based activities in different scenarios. We analyze the EEG signals and the eye tracking data and extract features and evaluate our approach using several classifiers. The results show that our approach achieved an a...
THE IMPORTANCE OF PROTECTING NUCLEAR POWER plants, laboratories, and other facilities can hardly be overstated, especially in light of increased threats of terrorism. But the two principal components of nu-clear facility securitythe... more
THE IMPORTANCE OF PROTECTING NUCLEAR POWER plants, laboratories, and other facilities can hardly be overstated, especially in light of increased threats of terrorism. But the two principal components of nu-clear facility securitythe appropriate security equipment and written ...
Insider threat is a major issue in cyber and corporate security. In this paper we study the psychosocial perspective of the insider via social media, Open Source Intelligence, and user generated content classification. Inductively, we... more
Insider threat is a major issue in cyber and corporate security. In this paper we study the psychosocial perspective of the insider via social media, Open Source Intelligence, and user generated content classification. Inductively, we propose a prediction method by evaluating the predisposition towards law enforcement and authorities , a personal psychosocial trait closely connected to the manifestation of malevolent insiders. We propose a methodology to detect users holding a negative attitude towards authorities. For doing so we facilitate the use of machine learning techniques and of a dictionary-based approach, so as to detect comments expressing negative attitude. Thus, we can draw conclusions over a user behavior and beliefs via the content the user generated within the limits a social medium. We also use an assumption free flat data representation technique in order to decide over the user's attitude. Furthermore, we compare the results of each method and highlight the common behavior manifested by the users. The demonstration is applied on a crawled community of users on YouTube.
In this paper, we approach the problem of modeling the human component in technical systems with a view on the difference between the use of model and theory in sociology and computer science. One aim of this essay is to show that... more
In this paper, we approach the problem of modeling the human component in technical systems with a view on the difference between the use of model and theory in sociology and computer science. One aim of this essay is to show that building of theories and models for sociology can be compared to and implemented in Higher Order Logic. We validate this working hypothesis by revisiting Weber’s understanding explanation. We focus on constructive realism in the context of logical explanation. We review Higher Order Logic (HOL) as a foundation for computer science and summarize its use of theories relating it to the sociological process of logical explanation. As a case study on modeling human behaviour, we present the modeling and
analysis of insider threats as a Higher Order Logic theory in Isabelle/HOL. We show how each of the three step process of
sociological explanation can be seen in our modeling of insider’s
state, its context within an organisation and the effects on security
as outcomes of a theorem proving analysis.
