Demystifying Insider Threat: Language-Action Cues in Group Dynamics

Written language as a symbolic medium of expression plays an important role in communications. In particular, written words communicated online can provide indications of an actor's behavioral intent. This paper describes an ongoing investigation into the interconnectivity between words and actions for a deceptive insider on group dynamics in virtual team collaboration. An experiment using an online game environment was conducted in 2014. Our findings support the hypothesis that language-action cues of group interactions will change significantly after an insider has been compromised. Deceptive actors tend to use more cognition, inclusivity and exclusivity words when interacting with group members. Future work will employ finely tuned complex Linguistic Inquiry and Word Count (LIWC) dictionaries to identify additional language-action cues for deception in various experimental conditions.

[1]  Jeffrey T. Hancock,et al.  The truth about lying in online dating profiles , 2007, CHI.

[2]  Jung Hoon Baeg,et al.  Insider Threat: Language-action Cues in Group Dynamics , 2015, CPR.

[3]  J. Burgoon,et al.  Interpersonal Deception Theory , 1996 .

[4]  Sirkka L. Jarvenpaa,et al.  Communication and Trust in Global Virtual Teams , 1999, J. Comput. Mediat. Commun..

[5]  J. Rotter A new scale for the measurement of interpersonal trust. , 1967, Journal of personality.

[6]  Cindy K. Chung,et al.  The development and psychometric properties of LIWC2007 , 2007 .

[7]  E. Eugene Schultz A framework for understanding and predicting insider attacks , 2002, Comput. Secur..

[8]  P. Ekman,et al.  Nonverbal Leakage and Clues to Deception †. , 1969, Psychiatry.

[9]  Frank L. Greitzer,et al.  Toward the Development of a Psycholinguistic-based Measure of Insider Threat Risk Focusing on Core Word Categories Used in Social Media , 2013, AMCIS.

[10]  Csr Young,et al.  How to Do Things With Words , 2009 .

[11]  Frank L. Greitzer,et al.  Identifying At-Risk Employees: Modeling Psychosocial Precursors of Potential Insider Threats , 2012, 2012 45th Hawaii International Conference on System Sciences.

[12]  R. Lewicki,et al.  Developing and Maintaining Trust in Work Relationships , 1996 .

[13]  James J. Lindsay,et al.  Cues to deception. , 2003, Psychological bulletin.

[14]  Dale E. Zand Trust and Managerial Problem Solving , 1972 .

[15]  L. Hosmer TRUST: THE CONNECTING LINK BETWEEN ORGANIZATIONAL THEORY AND PHILOSOPHICAL ETHICS , 1995 .

[16]  Jeremy P. Birnholtz,et al.  Butler lies: awareness, deception and design , 2009, CHI.

[17]  Jay F. Nunamaker,et al.  An exploratory study into deception detection in text-based computer-mediated communication , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[18]  Steve Marsh,et al.  Human-computer-human interaction: trust in CSCW , 1997, SGCH.

[19]  J. Habermas The Theory of Communicative Action: Reason and the Rationalization of Society , 1986 .

[20]  Tarek Menacere,et al.  Detecting insider threats through language change. , 2013, Law and human behavior.

[21]  J. Pennebaker,et al.  Linguistic styles: language use as an individual difference. , 1999, Journal of personality and social psychology.

[22]  R. Klimoski,et al.  The impact of trust on creative problem solving groups. , 1976, The Journal of applied psychology.

[23]  Frank L. Greitzer,et al.  Predicting Insider Threat Risks through Linguistic Analysis of Electronic Communication , 2013, 2013 46th Hawaii International Conference on System Sciences.

[24]  Jeffrey T. Hancock,et al.  What Lies Beneath: The Linguistic Traces of Deception in Online Dating Profiles , 2012 .

[25]  Jeffrey T. Hancock,et al.  On Lying and Being Lied To: A Linguistic Analysis of Deception in Computer-Mediated Communication , 2007 .

[26]  Jay F. Nunamaker,et al.  A Comparison of Classification Methods for Predicting Deception in Computer-Mediated Communication , 2004, J. Manag. Inf. Syst..

[27]  F. C. P. Motta The theory of communicative action , 1991 .

[28]  Youngjin Yoo,et al.  Dynamic nature of trust in virtual teams , 2002, J. Strateg. Inf. Syst..

[29]  Jeffrey T. Hancock,et al.  Reading between the lines: linguistic cues to deception in online dating profiles , 2010, CSCW '10.

[30]  Steven Furnell,et al.  A preliminary model of end user sophistication for insider threat prediction in IT systems , 2005, Comput. Secur..

[31]  Shuyuan Mary Ho Cyber Insider Threat: Trustworthiness in Virtual Organizations , 2014 .

[32]  F. Inglis How To Do Things With Words. , 1971 .

[33]  Ryan T. Wright,et al.  The Influence of Experiential and Dispositional Factors in Phishing: An Empirical Investigation of the Deceived , 2010, J. Manag. Inf. Syst..

[34]  P. Ekman,et al.  Who can catch a liar? , 1991, The American psychologist.

[35]  J. Pennebaker,et al.  Psychological aspects of natural language. use: our words, our selves. , 2003, Annual review of psychology.

[36]  Roderick M. Kramer,et al.  Collective trust and collective action: The decision to trust as a social decision. , 1996 .

[37]  Mike Burmester,et al.  Liar, Liar, IM on Fire: Deceptive language-action cues in spontaneous online communication , 2015, 2015 IEEE International Conference on Intelligence and Security Informatics (ISI).

[38]  Jonathan M. Hollister,et al.  Cyber Insider Threat in Virtual Organizations , 2014 .

[39]  Frank L. Lars J. Christine F. Christopher R. Thomas Greitzer,et al.  Psychosocial Modeling of Insider Threat Risk Based on Behavioral and Word Use Analysis , 2013 .