Email traffic gives clues to workplace threats
Story supplied by LU Press Office
Employees carrying out an insider attack at work can be identified from the language they use in emails according to Lancaster psychologists.
These attacks include everything from workplace theft to fraud, hacking and sabotage, resulting in the loss of millions of pounds to companies.
The study found that an analysis of the email language of employees within an office environment managed to identify 80 to 90 per cent of those actively stealing confidential information and passing it to a provocateur.
Their analysis found that the attackers were much more self-focused, using words like "me", "my" and "I" and they used more negative language compared with typical co-workers.
They also found that employees conducting an insider attack reduced the extent to which they mimicked the language of their co-workers. This reduction in mimicry, which suggests an inadvertent social distancing by the attackers, increased over time, such that by the end of simulation, it was possible for the researchers to use the combined metrics to identify 92.6% of insiders.
Researchers led by Professor Paul Taylor at Lancaster University created a six hour workplace simulation similar to a police investigation into organised crime.
The 54 participants were divided into different teams who had to work together to gather and share information on "suspects".
One in four of the participants was asked to become an "insider" by covertly obtaining information without the knowledge of the others and passing it to a third party.
The researchers then examined the emails that participants sent to one another as part of their workplace simulation, looking for known indicators of emotion and social cohesion.
Professor Taylor said: "The act of conducting an insider attack carries with it cognitive and social challenges that may affect an offender's day-to-day work behavior. Our analysis looked for these changes in the email traffic of an organisation, and found subtle but distinctive ways in which insiders' emails differed from their co-workers."
The researchers concluded that: "Our findings demonstrate how language can provide an indirect way of identifying people who are undertaking an insider attack."
The research "Detecting insider threats through language change" is published in the journal Law and Human Behavior published by the American Psychological Association.
Thu 18 July 2013
'Motorsport Engineering: Fabulous or Frivolous?'
Mon 26 January 2015
In this report we provide some case studies of our work with external partners during 2013-2014. Read about R&D opportunities with China, new science and technology start-up companies, research with IBM, Booths and regional Small and Medium Enterprises, seed funding for new products and processes, new facilities for hire, free events and training, new companies on campus, plugging the data science skills gap, the Engineering Design Academy, and much more...
Tue 20 January 2015
The Faculty is pleased to announce that Professor Peter M Atkinson has been appointed as Dean of the Faculty of Science and Technology.
Mon 05 January 2015
Police and intelligence agencies around the world have for almost 100 years relied on lie-detectors to help convict criminals or unearth spies and traitors.
Mon 05 January 2015