Detection of an insider threat using EEG and a Bayesian Network Model

The objective of this study is to investigate a methodology for insider threat detection. For the purpose, combined use of Electroencephalogram (EEG) technology and a Bayesian Network Model (BNM) was examined to identify potentially at risk workers, especially those with high motivation to become an insider. Our previous study reported the possibility of insider threat detection using EEG Beta and the EEG Gamma indicators. As a subject’s motivation to commit a crime increases, these indicators were increased. First, this paper validated the results from our previous study results using new experiment design. Using these indicators, this study allowed the Support Vector Machine (SVM) classifier to classify the insider having high motivation based on EEG indicators. After then, the BNM describes how susceptible workers are influenced by stimuli that make them vulnerable to and actually carry out an insider threat. The model for identifying and predicting an insider threat largely consists of four component nodes: Motivation level, Capacity, Willingness, and Task difficulty. Probability values for each variable were derived by using the results of our study. The resulting BNM could be utilized for the identification of potential insider. Our model can be applied directly to insider threat monitoring of nuclear power plants, as well as to other security sensitive installations and industry.