ScienceDirect® Home Skip Main Navigation Links
You have guest access to ScienceDirect. Find out more.
 
Home
Browse
My Settings
Alerts
Help
 Quick Search
 Search tips (Opens new window)
    Clear all fields    
advertisementadvertisement
Digital Investigation
Volume 3, Issue 1, March 2006, Pages 20-31
 
Font Size: Decrease Font Size  Increase Font Size
 Abstract - selected
Article
Purchase PDF (182 K)

  E-mail Article   
  Add to my Quick Links   
Bookmark and share in 2collab (opens in new window)
Request permission to reuse this article
  Cited By in Scopus (1)
 
 
 
Related Articles in ScienceDirect
View More Related Articles
 
View Record in Scopus
 
doi:10.1016/j.diin.2006.01.006    How to Cite or Link Using DOI (Opens New Window)
Copyright © 2006 Elsevier Ltd All rights reserved.

The role of behavioral research and profiling in malicious cyber insider investigationsstar, open

Eric D. ShawE-mail The Corresponding Author

Consulting and Clinical Psychology, Ltd and Professorial Lecturer, Elliot School of International Studies, George Washington University, Washington, DC

Received 25 January 2005; 
revised 26 January 2006; 
accepted 26 January 2006. 
Available online 2 March 2006.

Purchase the full-text article



References and further reading may be available for this article. To view references and further reading you must purchase this article.

Abstract

This article reviews recent empirical evidence garnered from inductive studies of insiders examining "who, what, where, when, why and how" of insider computer attacks. These results are then compared to insider "theories" and folklore. Then the use of a specific deductive profiling approach to insider investigation and case management is described along with illustrative case studies. The overall role of the behavioral consultant in insider cases is examined with emphasis on specific forms of support for the investigative team and aid to managers and security personnel with case management of insiders within corporate environments.

Keywords: Insiders; Behavioral consulting; Profiling; Forensic psychology; Cyber crime; Cyber criminals

Article Outline

1. Introduction
2. Recent empirical research
2.1. The Secret Service/Carnegie Mellon University Software Engineering Institute (SEI) studies
2.2. The Defense Personnel Security Research Center (PERSEREC) Studies
2.3. Implications for insider theory, folklore and management
2.3.1. Insider typologies
2.3.2. Insider characteristics
2.3.2.1. Demographics
2.3.2.2. Personal characteristics
2.3.2.3. Risk adverse
2.3.2.4. Planned versus impulsive attacks
2.3.2.5. Personal history and traits
2.4. Summary of research results
3. Deductive profiling methods with insider cases
3.1. Remote assessment and content analysis
3.1.1. How many subjects
3.1.2. Subject characteristics
3.1.2.1. Quantitative assessment
3.1.2.2. Qualitative content analysis
3.1.3. Subject dangerousness
3.1.4. Case example
3.1.5. Investigation support
3.1.6. Other insider behavioral support functions
3.1.7. Summary
References

Digital Investigation
Volume 3, Issue 1, March 2006, Pages 20-31
 
Home
Browse
My Settings
Alerts
Help
Elsevier.com (Opens new window)
About ScienceDirect  |  Contact Us  |  Information for Advertisers  |  Terms & Conditions  |  Privacy Policy
Copyright © 2008 Elsevier B.V. All rights reserved. ScienceDirect® is a registered trademark of Elsevier B.V.