Abstract Insider threat protection has received increasing attention in the last ten years due to the serious consequences of malicious insider threats. Moreover, data leaks and the sale of mass data have become much simpler to achieve, e.g., the dark web can allow malicious insiders to divulge confidential data whilst hiding their identities. In this paper, we propose a novel approach to predict the risk of malicious insider threats prior to a breach taking place. Firstly, we propose a new framework for insider threat risk prediction, drawing on technical, organisational and human factor perspectives. Secondly, we employ a Bayesian network to model and implement the proposed framework. Furthermore, this Bayesian network-based prediction model is evaluated in a range of challenging environments. The risk level predictions for each authorised users within the organisation are examined so that any insider threat risk can be identified. The proposed insider threat prediction model achieved better results when compared to the empirical judgments of security experts

中文翻译：

---

基于贝叶斯网络的内部威胁风险预测

摘要 近十年来，由于恶意内部威胁的严重后果，内部威胁防护受到越来越多的关注。此外，数据泄露和海量数据的销售变得更加容易实现，例如，暗网可以允许恶意内部人员泄露机密数据，同时隐藏他们的身份。在本文中，我们提出了一种新颖的方法来在数据泄露发生之前预测恶意内部威胁的风险。首先，我们提出了一个新的内部威胁风险预测框架，借鉴了技术、组织和人为因素的观点。其次，我们采用贝叶斯网络来建模和实现所提出的框架。此外，这种基于贝叶斯网络的预测模型在一系列具有挑战性的环境中进行了评估。检查组织内每个授权用户的风险级别预测，以便识别任何内部威胁风险。与安全专家的经验判断相比，所提出的内部威胁预测模型取得了更好的结果