ABSTRACT
This chapter proposes a multi-modal framework based on the user’s psychophysiological measures and computer-based behaviors to distinguish between a user’s behavior during regular activities versus malicious activities. The psychophysiological measures such as the electrocardiogram (ECG) and electroencephalography have mainly been used for emotion detection and prediction. The study involves human subject experiments to collect the psychophysiological and the computer-based behavioral measures. Emulating real-world insider threat scenarios is a very complicated task as it is associated with the psychological and behavioral aspects of the users. The ECG is another psychophysiological measure; it is the electrical activities of the heart that have been used in the medical domain for diagnosing many cardiac diseases. Insider threats have been extensively studied and many approaches based on behavioral, psychological, physiological, and technical perspectives have been proposed to tackle the threat and provide solutions.
