Email traffic gives clues to workplace threats
Story supplied by LU Press Office
Employees carrying out an insider attack at work can be identified from the language they use in emails according to Lancaster psychologists.
These attacks include everything from workplace theft to fraud, hacking and sabotage, resulting in the loss of millions of pounds to companies.
The study found that an analysis of the email language of employees within an office environment managed to identify 80 to 90 per cent of those actively stealing confidential information and passing it to a provocateur.
Their analysis found that the attackers were much more self-focused, using words like "me", "my" and "I" and they used more negative language compared with typical co-workers.
They also found that employees conducting an insider attack reduced the extent to which they mimicked the language of their co-workers. This reduction in mimicry, which suggests an inadvertent social distancing by the attackers, increased over time, such that by the end of simulation, it was possible for the researchers to use the combined metrics to identify 92.6% of insiders.
Researchers led by Professor Paul Taylor at Lancaster University created a six hour workplace simulation similar to a police investigation into organised crime.
The 54 participants were divided into different teams who had to work together to gather and share information on "suspects".
One in four of the participants was asked to become an "insider" by covertly obtaining information without the knowledge of the others and passing it to a third party.
The researchers then examined the emails that participants sent to one another as part of their workplace simulation, looking for known indicators of emotion and social cohesion.
Professor Taylor said: "The act of conducting an insider attack carries with it cognitive and social challenges that may affect an offender's day-to-day work behavior. Our analysis looked for these changes in the email traffic of an organisation, and found subtle but distinctive ways in which insiders' emails differed from their co-workers."
The researchers concluded that: "Our findings demonstrate how language can provide an indirect way of identifying people who are undertaking an insider attack."
The research "Detecting insider threats through language change" is published in the journal Law and Human Behavior published by the American Psychological Association.
Thu 18 July 2013
Lancaster University computer scientists are at the forefront of a UK-wide BBC initiative launched today to inspire a new generation to get creative with coding, programming and digital technology.
Tue 07 July 2015
Over 200 pupils from eight schools across the North West got a taste of what it’s like to study STEM subjects at Lancaster University.
Wed 01 July 2015
Researchers at three top UK universities are developing new ways to simultaneously power and communicate with robots and other digitally connected devices – commonly known as the Internet of Things.
Mon 29 June 2015
An engineering student has received an award in the Institution of Mechanical Engineers Mechatronic Student of the Year contest.
Wed 10 June 2015