Conceptual Model for Insider Threat Classification and Risk Modeling in Complex Digital Systems

• Author(s): Bisola Akeju, Joseph Edivri; Jolly I. Ogbole; Precious Osobhalenewie Okoruwa; Oladapo Fadayomi; Toyosi O Abolaji
• Paper ID: 1713778
• Page: 476-492
• Published Date: 28-06-2018
• Published In: Iconic Research And Engineering Journals
• Publisher: IRE Journals
• e-ISSN: 2456-8880
• Volume/Issue: Volume 1 Issue 9 March-2018

Abstract

Insider threats remain one of the most persistent and complex challenges in contemporary cybersecurity, particularly within highly interconnected, data-intensive, and adaptive digital environments. Unlike external attacks, insider threats originate from trusted identities with legitimate access, making detection, attribution, and mitigation inherently difficult. This proposes a conceptual model for insider threat classification and risk modeling tailored to complex digital systems, including cloud-native platforms, distributed enterprise architectures, and cyber?physical ecosystems. The model addresses critical limitations of existing approaches, which often rely on static classifications, isolated behavioral indicators, or retrospective analysis, and therefore struggle to capture the dynamic, contextual, and systemic nature of insider risk. The proposed framework integrates two tightly coupled layers: an insider threat classification layer and a dynamic risk modeling layer. The classification layer systematically categorizes insiders based on intent (malicious, negligent, or compromised), capability, access privilege, behavioral patterns, and temporal characteristics, leveraging multi-source data such as activity logs, system context, and behavioral deviations. The risk modeling layer conceptualizes insider risk as a probabilistic and continuously evolving construct, driven by the interaction between insider behavior, asset criticality, system interdependencies, and organizational controls. Advanced modeling approaches, including probabilistic inference, temporal risk scoring, and scenario-based analysis, are incorporated to account for uncertainty, nonlinearity, and cascading effects within complex digital systems. A central contribution of the model lies in its integration mechanism, where classification outcomes dynamically inform risk scores, while evolving risk profiles feedback into reclassification and monitoring priorities. This closed-loop design supports real-time risk awareness, adaptive control strategies, and proactive intervention. Additionally, the model explicitly incorporates governance, ethical, and privacy considerations to ensure responsible deployment within enterprise and critical infrastructure contexts. By providing a unified, system-oriented perspective, the conceptual model advances insider threat research and practice, offering a foundation for resilient security architectures, improved decision-making, and future empirical validation in high-velocity digital environments.

Keywords

Insider Threat, Risk Modeling, Threat Classification, Complex Digital Systems, Cybersecurity Governance, Behavioral Analytics, Enterprise Security

Citations

IRE Journals:
Bisola Akeju, Joseph Edivri, Jolly I. Ogbole, Precious Osobhalenewie Okoruwa, Oladapo Fadayomi, Toyosi O Abolaji "Conceptual Model for Insider Threat Classification and Risk Modeling in Complex Digital Systems" Iconic Research And Engineering Journals Volume 1 Issue 9 2018 Page 476-492 https://doi.org/10.64388/IREV1I9-1713778

IEEE:
Bisola Akeju, Joseph Edivri, Jolly I. Ogbole, Precious Osobhalenewie Okoruwa, Oladapo Fadayomi, Toyosi O Abolaji "Conceptual Model for Insider Threat Classification and Risk Modeling in Complex Digital Systems" Iconic Research And Engineering Journals, 1(9) https://doi.org/10.64388/IREV1I9-1713778