{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,11]],"date-time":"2025-09-11T20:25:32Z","timestamp":1757622332852,"version":"3.44.0"},"publisher-location":"Cham","reference-count":33,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783032006325"},{"type":"electronic","value":"9783032006332"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-032-00633-2_13","type":"book-chapter","created":{"date-parts":[[2025,8,8]],"date-time":"2025-08-08T10:15:18Z","timestamp":1754648118000},"page":"212-229","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Designing a\u00a0Framework to\u00a0Tackle the\u00a0Multifaceted Intricacies of\u00a0Insider Threats"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6938-0097","authenticated-orcid":false,"given":"Rim","family":"Ben Salem","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1124-2200","authenticated-orcid":false,"given":"Fr\u00e9d\u00e9ric","family":"Cuppens","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8792-0413","authenticated-orcid":false,"given":"Nora","family":"Boulahia-Cuppens","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2043-0265","authenticated-orcid":false,"given":"Hager","family":"Khechine","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,8,9]]},"reference":[{"key":"13_CR1","unstructured":"Software\u00a0Engineering Institute: Common sense guide to mitigating insider threats, seventh edition (2022). https:\/\/insights.sei.cmu.edu\/library\/common-sense-guide-to-mitigating-insider-threats-seventh-edition\/"},{"key":"13_CR2","doi-asserted-by":"publisher","unstructured":"Singh, C., Thakkar, R., Warraich, J.: IAM identity access management\u2014Importance in maintaining security systems within organizations. Eur. J. Eng. Technol. Res. 8(4), 30\u201338 (2023). ISSN 2736-576X. https:\/\/doi.org\/10.24018\/ejeng.2023.8.4.3074","DOI":"10.24018\/ejeng.2023.8.4.3074"},{"key":"13_CR3","doi-asserted-by":"publisher","unstructured":"Vitla, S.: Pioneering IAM innovations: securing data, mitigating cyber threats, and driving compliance in the cybersecurity landscape. Int. J. Sci. Res. Arch. 10(1), 1130\u20131150 (2023). ISSN 2582-8185. https:\/\/doi.org\/10.30574\/ijsra.2023.10.1.0714","DOI":"10.30574\/ijsra.2023.10.1.0714"},{"key":"13_CR4","doi-asserted-by":"publisher","unstructured":"Marquis, Y.A.: From theory to practice: Implementing effective role-based access control strategies to mitigate insider risks in diverse organizational contexts. J. Eng. Res. Rep. 26(5), 138\u2013154 (2024). ISSN 2582-2926. https:\/\/doi.org\/10.9734\/jerr\/2024\/v26i51141","DOI":"10.9734\/jerr\/2024\/v26i51141"},{"key":"13_CR5","doi-asserted-by":"publisher","unstructured":"Mandru, S.: How AI can improve identity verification and access control processes. J. Artif. Intell. Cloud Comput., 1\u20135 (2022). ISSN 2754-6659. https:\/\/doi.org\/10.47363\/jaicc\/2022(1)e101","DOI":"10.47363\/jaicc\/2022(1)e101"},{"key":"13_CR6","doi-asserted-by":"crossref","unstructured":"Jansen, W.A., Grance, T.: Guidelines on security and privacy in public cloud computing. Special Publication 800-144, National Institute of Standards and Technology (2011)","DOI":"10.6028\/NIST.SP.800-144"},{"issue":"1","key":"13_CR7","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1109\/TDSC.2005.9","volume":"2","author":"E Bertino","year":"2005","unstructured":"Bertino, E., Sandhu, R.: Database security\u2013Concepts, approaches, and challenges. IEEE Trans. Dependable Secure Comput. 2(1), 2\u201319 (2005)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"13_CR8","doi-asserted-by":"publisher","unstructured":"Yampolskiy, R.V., Govindaraju, V.: Behavioural biometrics: a survey and classification. Int. J. Biometr. 1(1), 81 (2008). ISSN 1755-831X. https:\/\/doi.org\/10.1504\/ijbm.2008.018665","DOI":"10.1504\/ijbm.2008.018665"},{"key":"13_CR9","doi-asserted-by":"publisher","unstructured":"Eberz, S., Rasmussen, K., Lenders, V., Martinovic, I.: Preventing lunchtime attacks: fighting insider threats with eye movement biometrics. In: Proceedings 2015 Network and Distributed System Security Symposium, NDSS 2015. Internet Society (2015). https:\/\/doi.org\/10.14722\/ndss.2015.23203","DOI":"10.14722\/ndss.2015.23203"},{"key":"13_CR10","doi-asserted-by":"publisher","unstructured":"Uslu, U., \u0130ncel, \u00d6.D., Alptekin, G.I.: Evaluation of deep learning models for continuous authentication using behavioral biometrics. Procedia Comput. Sci. 225, 1272\u20131281 (2023). ISSN 1877-0509. https:\/\/doi.org\/10.1016\/j.procs.2023.10.115","DOI":"10.1016\/j.procs.2023.10.115"},{"key":"13_CR11","doi-asserted-by":"publisher","unstructured":"Babu, B.M., Bhanu, M.S.: Prevention of insider attacks by integrating behavior analysis with risk based access control model to protect cloud. Procedia Comput. Sci. 54, 157\u2013166 (2015). ISSN 1877-0509. https:\/\/doi.org\/10.1016\/j.procs.2015.06.018","DOI":"10.1016\/j.procs.2015.06.018"},{"key":"13_CR12","doi-asserted-by":"crossref","unstructured":"Shaw, E., Fischer, L.: Ten tales of betrayal: the threat to corporate infrastructure by information technology insiders analysis and observations. p.\u00a063 (2005)","DOI":"10.21236\/ADA441293"},{"issue":"4","key":"13_CR13","first-page":"706","volume":"62","author":"A Georgiadou","year":"2022","unstructured":"Georgiadou, A., Mouzakitis, S., Askounis, D.: Detecting insider threat via a cyber-security culture framework. J. Comput. Inf. Syst. 62(4), 706\u2013716 (2022)","journal-title":"J. Comput. Inf. Syst."},{"key":"13_CR14","doi-asserted-by":"publisher","unstructured":"Khan, N., J. Houghton, R., Sharples, S.: Understanding factors that influence unintentional insider threat: a framework to counteract unintentional risks. Cognit. Technol. Work 1\u201329 (2021). https:\/\/doi.org\/10.1007\/s10111-021-00690-z","DOI":"10.1007\/s10111-021-00690-z"},{"key":"13_CR15","doi-asserted-by":"publisher","unstructured":"Greitzer, F., Purl, J., Leong, Y.M., Becker, D.S.: Sofit: sociotechnical and organizational factors for insider threat. In: 2018 IEEE Security and Privacy Workshops (SPW), pp. 197\u2013206. IEEE (2018). https:\/\/doi.org\/10.1109\/spw.2018.00035","DOI":"10.1109\/spw.2018.00035"},{"key":"13_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1007\/978-3-642-15152-1_3","volume-title":"Trust, Privacy and Security in Digital Business","author":"M Kandias","year":"2010","unstructured":"Kandias, M., Mylonas, A., Virvilis, N., Theoharidou, M., Gritzalis, D.: An insider threat prediction model. In: Katsikas, S., Lopez, J., Soriano, M. (eds.) TrustBus 2010. LNCS, vol. 6264, pp. 26\u201337. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-15152-1_3"},{"key":"13_CR17","doi-asserted-by":"publisher","unstructured":"Brinton Anderson, B., Vance, A., Kirwan, C.B., Eargle, D., Jenkins, J.L.: How users perceive and respond to security messages: a neuroIS research agenda and empirical study. Eur. J. Inf. Syst. 25(4), 364\u2013390 (2016). ISSN 1476-9344. https:\/\/doi.org\/10.1057\/ejis.2015.21","DOI":"10.1057\/ejis.2015.21"},{"key":"13_CR18","unstructured":"Insider threat: The human element of cyberrisk \u2014 mckinsey.com. https:\/\/www.mckinsey.com\/capabilities\/risk-and-resilience\/our-insights\/insider-threat-the-human-element-of-cyberrisk. Accessed 09 Mar 2025"},{"key":"13_CR19","doi-asserted-by":"publisher","unstructured":"Edwards, J.R.: An examination of competing versions of the person-environment fit approach to stress. Acad. Manage. J. 39(2), 292\u2013339 (1996). ISSN 1948-0989. https:\/\/doi.org\/10.2307\/256782","DOI":"10.2307\/256782"},{"key":"13_CR20","doi-asserted-by":"publisher","unstructured":"Liu, T., et al.: Effect of organizational change on employee innovation performance: a dual mediation model. PLOS ONE 20(2), e0313056 (2025). ISSN 1932-6203. https:\/\/doi.org\/10.1371\/journal.pone.0313056","DOI":"10.1371\/journal.pone.0313056"},{"key":"13_CR21","doi-asserted-by":"publisher","unstructured":"Chowdhury, N.H., Adam, M.T., Skinner, G.: The impact of time pressure on cybersecurity behaviour: a systematic literature review. Behav. Inf. Technol. 38(12), 1290\u201313081 (2019). ISSN 1362-3001. https:\/\/doi.org\/10.1080\/0144929x.2019.1583769","DOI":"10.1080\/0144929x.2019.1583769"},{"key":"13_CR22","doi-asserted-by":"publisher","unstructured":"Chowdhury, N.H., Adam, M.T., Teubner, T.: Time pressure in human cybersecurity behavior: Theoretical framework and countermeasures. Comput. Secur. 97, 101963 (2020). ISSN 0167-4048. https:\/\/doi.org\/10.1016\/j.cose.2020.101963","DOI":"10.1016\/j.cose.2020.101963"},{"key":"13_CR23","unstructured":"Deterrence: Crest Security Review 19 (2024). ISSN 2398-0559"},{"key":"13_CR24","doi-asserted-by":"publisher","unstructured":"Stich, J.F., Tarafdar, M., Stacey, P., Cooper, C.L.: E-mail load, workload stress and desired e-mail load: a cybernetic approach. Inf. Technol. People 32(2), 430\u2013452 (2019). ISSN 0959-3845. https:\/\/doi.org\/10.1108\/itp-10-2017-0321","DOI":"10.1108\/itp-10-2017-0321"},{"key":"13_CR25","doi-asserted-by":"publisher","unstructured":"Banyasz, P., Laska, P.K., Szadeczky, T., Vaczi, K.B.: The relationship between the dark triad personality and cybersecurity. In: Proceedings of the Central and Eastern European eDem and eGov Days 2024, CEEeGov 2024, pp. 195\u2013202. ACM 2024). https:\/\/doi.org\/10.1145\/3670243.3670262","DOI":"10.1145\/3670243.3670262"},{"key":"13_CR26","doi-asserted-by":"publisher","unstructured":"Padayachee, K.: A conceptual opportunity-based framework to mitigate the insider threat. In: 2013 Information Security for South Africa, pp. 1\u20138. IEEE (2013). https:\/\/doi.org\/10.1109\/issa.2013.6641060","DOI":"10.1109\/issa.2013.6641060"},{"key":"13_CR27","unstructured":"Snowden Says He Took No Secret Files to Russia (Published 2013) \u2014 nytimes.com. https:\/\/www.nytimes.com\/2013\/10\/18\/world\/snowden-says-he-took-no-secret-files-to-russia.html. Accessed 18 Feb 2025"},{"key":"13_CR28","doi-asserted-by":"publisher","unstructured":"Bachrach, D.G., Guedes, M.J., Harms, P.D., Patel, P.C.: CEO narcissism, top management team transactive memory systems, and firm performance: an upper echelons perspective on CEO admiration and rivalry narcissism. Eur. J. Work Organ. Psychol. 31(1), 61\u201376 (2021). ISSN 1464-0643. https:\/\/doi.org\/10.1080\/1359432x.2021.1926989","DOI":"10.1080\/1359432x.2021.1926989"},{"key":"13_CR29","doi-asserted-by":"publisher","unstructured":"Lilienfeld, S.O., Watts, A.L., Smith, S.F.: Successful psychopathy: a scientific status report. Curr. Directions Psychol. Sci. 24(4), 298\u2013303 (2015). ISSN 1467-8721. https:\/\/doi.org\/10.1177\/0963721415580297","DOI":"10.1177\/0963721415580297"},{"key":"13_CR30","doi-asserted-by":"publisher","unstructured":"Nanamou, N.K., Neal, C., Boulahia-Cuppens, N., Cuppens, F., Bkakria, A.: From traits to threats: learning risk indicators of malicious insider using psychometric data, pp. 180\u2013200. Springer Nature Switzerland (2024). ISBN 9783031800207. https:\/\/doi.org\/10.1007\/978-3-031-80020-7_10","DOI":"10.1007\/978-3-031-80020-7_10"},{"key":"13_CR31","unstructured":"The Guardian: Boeing engineer sentenced for spying. The Guardian (2009). https:\/\/www.theguardian.com\/business\/2009\/jul\/17\/boeing-space-technology-industrial-espionage. Accessed 4 Mar 2025"},{"key":"13_CR32","unstructured":"The Washington Post: Elite CIA unit that developed hacking tools failed to secure its own systems, allowing massive leak, an internal report found. The Washington Post (2020). https:\/\/www.washingtonpost.com\/national-security\/elite-cia-unit-that-developed-hacking-tools-failed-to-secure-its-own-systems-allowing-massive-leak-an-internal-report-found\/2020\/06\/15\/502e3456-ae9d-11ea-8f56-63f38c990077_story.html"},{"key":"13_CR33","doi-asserted-by":"publisher","unstructured":"Nasir, R., Afzal, M., Latif, R., Iqbal, W.: Behavioral based insider threat detection using deep learning. IEEE Access 9, 143266\u2013143274 (2021). ISSN 2169-3536. https:\/\/doi.org\/10.1109\/access.2021.3118297","DOI":"10.1109\/access.2021.3118297"}],"container-title":["Lecture Notes in Computer Science","Availability, Reliability and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-00633-2_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,8]],"date-time":"2025-09-08T19:12:25Z","timestamp":1757358745000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-00633-2_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783032006325","9783032006332"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-00633-2_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"9 August 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"The authors have no competing interests to declare that\u00a0are relevant to the content of this article.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Disclosure of Interests"}},{"value":"ARES","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Availability, Reliability and Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Ghent","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Belgium","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 August 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 August 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ares-12025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/2025.ares-conference.eu","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}