{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,18]],"date-time":"2026-05-18T10:18:48Z","timestamp":1779099528402,"version":"3.51.4"},"publisher-location":"Cham","reference-count":59,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031800191","type":"print"},{"value":"9783031800207","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,12,15]],"date-time":"2024-12-15T00:00:00Z","timestamp":1734220800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,12,15]],"date-time":"2024-12-15T00:00:00Z","timestamp":1734220800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-80020-7_10","type":"book-chapter","created":{"date-parts":[[2024,12,14]],"date-time":"2024-12-14T07:30:42Z","timestamp":1734161442000},"page":"180-200","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["From Traits to\u00a0Threats: Learning Risk Indicators of\u00a0Malicious Insider Using Psychometric Data"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3941-9920","authenticated-orcid":false,"given":"N\u2019Famoussa Kounon","family":"Nanamou","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6953-8728","authenticated-orcid":false,"given":"Christopher","family":"Neal","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8792-0413","authenticated-orcid":false,"given":"Nora","family":"Boulahia-Cuppens","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1124-2200","authenticated-orcid":false,"given":"Fr\u00e9d\u00e9ric","family":"Cuppens","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9758-4617","authenticated-orcid":false,"given":"Anis","family":"Bkakria","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,12,15]]},"reference":[{"key":"10_CR1","doi-asserted-by":"crossref","unstructured":"Abbiati, G., Ranise, S., Schizzerotto, A., Siena, A.: Merging datasets of CyberSecurity incidents for fun and insight. Front. Big Data (2021)","DOI":"10.3389\/fdata.2020.521132"},{"key":"10_CR2","doi-asserted-by":"crossref","unstructured":"Ahsan, M.M., Mahmud, M.A.P., Saha, P.K., Gupta, K.D., Siddique, Z.: Effect of data scaling methods on machine learning algorithms and model performance (2021)","DOI":"10.3390\/technologies9030052"},{"key":"10_CR3","doi-asserted-by":"publisher","first-page":"5208","DOI":"10.3390\/app10155208","volume":"10","author":"MN Al-Mhiqani","year":"2020","unstructured":"Al-Mhiqani, M.N., et al.: A review of insider threat detection: classification, machine learning techniques, datasets, open challenges, and recommendations. Appl. Sci. 10, 5208 (2020)","journal-title":"Appl. Sci."},{"key":"10_CR4","doi-asserted-by":"crossref","unstructured":"Ali, I., Wassif, K., Bayomi, H.: Dimensionality reduction for images of iot using machine learning. Sci. Rep. (2024)","DOI":"10.21203\/rs.3.rs-2666777\/v1"},{"key":"10_CR5","doi-asserted-by":"crossref","unstructured":"Altmann, A., Tolo\u015fi, L., Sander, O., Lengauer, T.: Permutation importance: a corrected feature importance measure. Bioinformatics (2010)","DOI":"10.1093\/bioinformatics\/btq134"},{"key":"10_CR6","unstructured":"Harilal, A., et al: The wolf of SUTD (TWOS): a dataset of malicious insider threat behavior based on a gamified competition. J. Wirel. Mob. Netw. Ubiquitous Comput. Dependable Appl. (2018)"},{"key":"10_CR7","unstructured":"Bergstra, J., Bengio, Y.: Random search for hyper-parameter optimization. J. Mach. Learn. Res. (2012)"},{"key":"10_CR8","doi-asserted-by":"crossref","unstructured":"Bishop, M., Gates, C., Frincke, D., Greitzer, F.L.: Azalia: an a to z assessment of the likelihood of insider attack. In: 2009 IEEE Conference on Technologies for Homeland Security (2009)","DOI":"10.1109\/THS.2009.5168063"},{"key":"10_CR9","doi-asserted-by":"crossref","unstructured":"Caputo, D., Maloof, M., Stephens, G.: Detecting insider theft of trade secrets. IEEE Secur. Priv. (2009)","DOI":"10.1109\/MSP.2009.110"},{"key":"10_CR10","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1613\/jair.953","volume":"16","author":"NV Chawla","year":"2002","unstructured":"Chawla, N.V., Bowyer, K.W., Hall, L.O., Kegelmeyer, W.P.: Smote: synthetic minority over-sampling technique. J. Artif. Intell. Res. 16, 321\u2013357 (2002)","journal-title":"J. Artif. Intell. Res."},{"key":"10_CR11","unstructured":"Costa, P.T., McCrae, R.R.: Neo personality inventory-revised (NEO PI-R). Psychological Assessment Resources Odessa, FL (1992)"},{"key":"10_CR12","unstructured":"Dando, C.J., Taylor, P.J., Menacere, T., Ormerod, T.C., Ball, L.J., Sandham, A.L.: Sorting insiders from co-workers: remote synchronous computer-mediated triage for investigating insider attacks. Human Fact. (2024)"},{"key":"10_CR13","doi-asserted-by":"crossref","unstructured":"Debeer, D., Strobl, C.: Conditional permutation importance revisited. BMC Bioinf. (2020)","DOI":"10.32614\/CRAN.package.permimp"},{"key":"10_CR14","doi-asserted-by":"crossref","unstructured":"Dosh, M.: Detecting insider threat within institutions using cert dataset and different ml techniques. In: Periodicals of Engineering and Natural Sciences (2021)","DOI":"10.21533\/pen.v9i2.1911"},{"key":"10_CR15","doi-asserted-by":"crossref","unstructured":"Duffy, D.E., Quiroz, A.J.: A permutation-based algorithm for block clustering. J. Classificat. (1991)","DOI":"10.1007\/BF02616248"},{"key":"10_CR16","doi-asserted-by":"crossref","unstructured":"Egelman, S., Peer, E.: Scaling the security wall: developing a security behavior intentions scale (sebis) (2015)","DOI":"10.1145\/2702123.2702249"},{"key":"10_CR17","unstructured":"Frank, L., Hohimer, R.E.: Modeling human behavior to anticipate insider attacks. J. Strat. Secur. (2011)"},{"key":"10_CR18","unstructured":"Gayathri, R., Sajjanhar, A., Xiang, Y.: Hybrid deep learning model using spcagan augmentation for insider threat analysis. Expert Syst. Appl. (2024)"},{"key":"10_CR19","doi-asserted-by":"crossref","unstructured":"Glasser, J., Lindauer, B.: Bridging the gap: a pragmatic approach to generating insider threat data. In: 2013 IEEE Security and Privacy Workshops (2013)","DOI":"10.1109\/SPW.2013.37"},{"key":"10_CR20","doi-asserted-by":"crossref","unstructured":"Goldberg, L.R.: An alternative \u201cdescription of personality\": The big-five factor structure. J. Pers. Social Psychol. (1990)","DOI":"10.1037\/\/0022-3514.59.6.1216"},{"key":"10_CR21","doi-asserted-by":"crossref","unstructured":"Goldberg, L.R.: The development of markers for the big-five factor structure. Psychol. Assess. (1992)","DOI":"10.1037\/t03713-000"},{"key":"10_CR22","doi-asserted-by":"crossref","unstructured":"Goldberg, L.R., et al.: The international personality item pool and the future of public-domain personality measures. J. Res. Pers. (2006)","DOI":"10.1016\/j.jrp.2005.08.007"},{"key":"10_CR23","doi-asserted-by":"crossref","unstructured":"Gratian, M., Bandi, S., Cukier, M., Dykstra, J., Ginther, A.: Correlating human traits and cyber security behavior intentions. Comput. Secur. (2018)","DOI":"10.1016\/j.cose.2017.11.015"},{"key":"10_CR24","unstructured":"Greitzer, F.L., Franklin, L.R., Edgar, T.W., Frincke, D.A.: Predictive modeling for insider threat mitigation (2009)"},{"key":"10_CR25","volume-title":"Combining Traditional Cyber Security Audit Data with Psychosocial Data: Towards Predictive Modeling for Insider Threat Mitigation","author":"FL Greitzer","year":"2010","unstructured":"Greitzer, F.L., Frincke, D.A.: Combining Traditional Cyber Security Audit Data with Psychosocial Data: Towards Predictive Modeling for Insider Threat Mitigation. Springer, Heidelberg (2010)"},{"key":"10_CR26","doi-asserted-by":"crossref","unstructured":"Greitzer, F.L., Kangas, L.J., Noonan, C.F., Dalton, A.C.: Identifying at-risk employees: a behavioral model for predicting potential insider threats. Technical report (2010)","DOI":"10.2172\/1000159"},{"key":"10_CR27","doi-asserted-by":"crossref","unstructured":"Halevy, A.: Why your data won\u2019t mix: New tools and techniques can help ease the pain of reconciling schemas. Queue (2005)","DOI":"10.1145\/1103822.1103836"},{"key":"10_CR28","doi-asserted-by":"crossref","unstructured":"Hani, U., Sohaib, O., Khan, K., Aleidi, A., Islam, N.: Psychological profiling of hackers via machine learning toward sustainable cybersecurity. Front. Comput. Sci. (2024)","DOI":"10.3389\/fcomp.2024.1381351"},{"key":"10_CR29","doi-asserted-by":"crossref","unstructured":"Homoliak, I., Toffalini, F., Guarnizo, J., Elovici, Y., Ochoa, M.: Insight into insiders and it: a survey of insider threat taxonomies, analysis, modeling, and countermeasures. ACM Comput. Surv (2019)","DOI":"10.1145\/3303771"},{"key":"10_CR30","doi-asserted-by":"crossref","unstructured":"Homoliak, I., Toffalini, F., Guarnizo, J., Elovici, Y., Ochoa, M.: Insight into insiders and it: a survey of insider threat taxonomies, analysis, modeling, and countermeasures (2019)","DOI":"10.1145\/3303771"},{"key":"10_CR31","doi-asserted-by":"crossref","unstructured":"Janjua, F., Masood, A., Abbas, H., Rashid, I., Khan, M.M.Z.M.: Textual analysis of traitor-based dataset through semi supervised machine learning. Future Gener. Comput. Syst. (2021)","DOI":"10.1016\/j.future.2021.06.036"},{"key":"10_CR32","unstructured":"John, O.P., Naumann, L.P., Soto, C.J.: Paradigm Shift to the Integrative Big-Five Trait Taxonomy: History, Measurement, and Conceptual Issues. Guilford Press (2008)"},{"key":"10_CR33","doi-asserted-by":"crossref","unstructured":"Kandias, M., Mylonas, A., Virvilis, N., Theoharidou, M., Gritzalis, D.: An Insider Threat Prediction Model. Springer, Heidelberg (2010)","DOI":"10.1007\/978-3-642-15152-1_3"},{"key":"10_CR34","doi-asserted-by":"crossref","unstructured":"Kennison, S.M., Chan-Tin, E.: Taking risks with cybersecurity: using knowledge and personal characteristics to predict self-reported cybersecurity behaviors. Front. Psychol. (2020)","DOI":"10.3389\/fpsyg.2020.546546"},{"key":"10_CR35","doi-asserted-by":"crossref","unstructured":"Lause, J., Berens, P., Kobak, D.: The art of seeing the elephant in the room: 2d embeddings of single-cell data do make sense. bioRxiv (2024)","DOI":"10.1101\/2024.03.26.586728"},{"key":"10_CR36","unstructured":"MacCrae, R.R., Costa\u00a0Jr, P.T., Costa, P.T.: Personality in Adulthood. Guilford Press (1990)"},{"key":"10_CR37","doi-asserted-by":"crossref","unstructured":"Magklaras, G.B., Furnell, S.M.: A preliminary model of end user sophistication for insider threat prediction in it systems. Comput. Secur. (2005)","DOI":"10.1016\/j.cose.2004.10.003"},{"key":"10_CR38","doi-asserted-by":"crossref","unstructured":"Manoharan, P., Yin, J., Wang, H., Zhang, Y., Ye, W.: Insider threat detection using supervised machine learning algorithms. Telecommun. Syst. (2023)","DOI":"10.1007\/s11235-023-01085-3"},{"key":"10_CR39","doi-asserted-by":"crossref","unstructured":"Marbut, A., Harms, P.: Fiends and fools: a narrative review and neo-socioanalytic perspective on personality and insider threats. J. Bus. Psychol. (2024)","DOI":"10.1007\/s10869-023-09885-9"},{"key":"10_CR40","unstructured":"Matulessy, A., Humaira, N.H.: Hacker personality profiles reviewed in terms of the big five personality traits. Psychol. Behav. Sci. (2016)"},{"key":"10_CR41","doi-asserted-by":"crossref","unstructured":"Naidu, G., Zuva, T., Sibanda, E.M.: A review of evaluation metrics in machine learning algorithms. In: Computer Science On-line Conference. Springer, Heidelberg (2023)","DOI":"10.1007\/978-3-031-35314-7_2"},{"key":"10_CR42","doi-asserted-by":"crossref","unstructured":"P.\u00a0Riquelme, I., Rom\u00e1n, S.: Is the influence of privacy and security on online trust the same for all type of consumers? Electron. Mark. (2014)","DOI":"10.1007\/s12525-013-0145-3"},{"key":"10_CR43","doi-asserted-by":"crossref","unstructured":"Pattinson, M., Jerram, C., Parsons, K., McCormac, A.: Why do some people manage phishing e-mails better than others? Inf. Manag. Comput. Secur. (2012)","DOI":"10.1108\/09685221211219173"},{"key":"10_CR44","doi-asserted-by":"crossref","unstructured":"Roccas, S., Sagiv, L., Schwartz, S.H., Knafo, A.: The big five personality factors and personal values. Pers. Soc. Psychol. Bull. (2002)","DOI":"10.1177\/0146167202289008"},{"key":"10_CR45","doi-asserted-by":"crossref","unstructured":"Ros, F., Riad, R., Guillaume, S.: Pdbi: a partitioning davies-bouldin index for clustering evaluation. Neurocomputing (2023)","DOI":"10.1016\/j.neucom.2023.01.043"},{"key":"10_CR46","unstructured":"Ruohonen, J., Saddiqa, M.: What do we know about the psychology of insider threats? (2024)"},{"key":"10_CR47","doi-asserted-by":"crossref","unstructured":"Schubert, E.: Stop using the elbow criterion for k-means and how to choose the number of clusters instead. ACM SIGKDD Explorat. Newsl. (2023)","DOI":"10.1145\/3606274.3606278"},{"key":"10_CR48","doi-asserted-by":"crossref","unstructured":"Schultz, E.E.: A framework for understanding and predicting insider attacks. Comput. Secur. (2002)","DOI":"10.1016\/S0167-4048(02)01009-X"},{"key":"10_CR49","doi-asserted-by":"crossref","unstructured":"Shahapure, K.R., Nicholas, C.: Cluster quality analysis using silhouette score. In: IEEE International Conference on Data Science and Advanced Analytics. IEEE (2020)","DOI":"10.1109\/DSAA49011.2020.00096"},{"key":"10_CR50","doi-asserted-by":"crossref","unstructured":"Shappie, A.T., Dawson, C.A., Debb, S.M.: Personality as a predictor of cybersecurity behavior. Psychol. Popular Media (2020)","DOI":"10.1037\/ppm0000247"},{"key":"10_CR51","doi-asserted-by":"crossref","unstructured":"Shropshire, J., Warkentin, M., Sharma, S.: Personality, attitudes, and intentions: predicting initial adoption of information security behavior. Comput. Secur. (2015)","DOI":"10.1016\/j.cose.2015.01.002"},{"key":"10_CR52","unstructured":"Sorzano, C.O.S., Vargas, J., Montano, A.P.: A survey of dimensionality reduction techniques. arXiv preprint arXiv:1403.2877 (2014)"},{"key":"10_CR53","doi-asserted-by":"crossref","unstructured":"Tao, X., et al.: User behavior threat detection based on adaptive sliding window gan. IEEE Trans. Netw. Serv. Manag. (2024)","DOI":"10.1109\/TNSM.2024.3355698"},{"key":"10_CR54","unstructured":"Verizon: 2024 Data Breach Investigations Report (2024). https:\/\/www.verizon.com\/business\/resources\/reports\/dbir\/. Accessed June 2024"},{"key":"10_CR55","unstructured":"Warkentin, M., McBride, M., Carter, L., Johnston, A.: The role of individual characteristics on insider abuse intentions (2012)"},{"key":"10_CR56","doi-asserted-by":"crossref","unstructured":"Wheatley, S., Maillart, T., Sornette, D.: The extreme risk of personal data breaches & the erosion of privacy. Eur. Phys. J. B (2015)","DOI":"10.1140\/epjb\/e2015-60754-4"},{"key":"10_CR57","doi-asserted-by":"crossref","unstructured":"Yang, G., Cai, L., Yu, A., Ma, J., Meng, D., Wu, Y.: Potential malicious insiders detection based on a comprehensive security psychological model. IEEE (2018)","DOI":"10.1109\/BigDataService.2018.00011"},{"key":"10_CR58","unstructured":"Yu, T., Zhu, H.: Hyper-parameter optimization: a review of algorithms and applications (2020)"},{"key":"10_CR59","doi-asserted-by":"crossref","unstructured":"Zheng, R., Qin, Y., Huang, Z., Chen, H.: Authorship Analysis in Cybercrime Investigation. Springer, Heidelberg (2003)","DOI":"10.1007\/3-540-44853-5_5"}],"container-title":["Lecture Notes in Computer Science","Information Systems Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-80020-7_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,14]],"date-time":"2024-12-14T08:04:49Z","timestamp":1734163489000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-80020-7_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,15]]},"ISBN":["9783031800191","9783031800207"],"references-count":59,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-80020-7_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,12,15]]},"assertion":[{"value":"15 December 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICISS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Systems Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Jaipur","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 December 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 December 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iciss2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/iciss.isrdc.in","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}