Classifying Insider Threat from Electronic Mail Communication

Adela, Firesenbet (2016) Classifying Insider Threat from Electronic Mail Communication. Masters thesis, Addis Ababa University.

[img] PDF (Classifying Insider Threat from Electronic Mail Communication)
Fresenbet, Adela_2016.pdf - Accepted Version
Restricted to Repository staff only

Download (1MB) | Request a copy


In a current interwoven global world the means of communication has been diversified. Electronic mail is one of the popular, simple and user-friendly for communication. The implication of this means of communication is reflected in various corners of the day to day activities of the modern world. Currently, email communication is set as a standard procedure for office communication in many organizations. Having the good face of such a communication approach, on the contrary unwanted distracting messages could bring institutional instability and even collapse. The objective of this research work is to classify the level of being insider threat using email text classification techniques from the electronic communication. In order to meet the stated objective, data mining algorithms in Weka 7.8 software has been used to classify the email texts. The experiment was conducted using 9808 negative and positive dictionary words identified by psychologists for training. For testing individual email files are used. The Enron higher officials email text was investigated after extensive text preprocessing techniques. The text preprocessing technique includes removal of email header, signature, alphanumeric character etc.SMO Classifiers are employed to manage the experiment. Therefore, the text email analyzed was categorized into negative and positive word counts then the negative word count was further classified into five stages of threat levels. Among twenty eight higher officials investigated at Enron Company, 22 of the employees were found at the exploration stage, one on exploitation stage, two on execution stage and three of them classified under escape stage. The evaluation of the classifier is acceptable and suitable for threat classification. Moreover, a court which was designated to investigate wire fraud, conspiracy and false audit report, convicted 3 of the officials spend in prison from 1.5 – 24.3 years. These individuals were classified under the escape stage of this study. Eventually, the output of this study indicates the promising use of text classification technique to trace and classify insider threats from email communication. Hence, further study and standardization of such a work could bring better result in organizational security and institutional functioning

Item Type: Thesis (Masters)
Uncontrolled Keywords: Insider threat, text classification, email classification, threat classification, organizational security
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Z Bibliography. Library Science. Information Resources > Z665 Library Science. Information Science
Z Bibliography. Library Science. Information Resources > ZA Information resources > ZA4050 Electronic information resources
Divisions: Africana
Depositing User: Selom Ghislain
Date Deposited: 01 Nov 2018 08:59
Last Modified: 01 Nov 2018 08:59

Actions (login required)

View Item View Item