CCE Theses and Dissertations

Date of Award


Document Type


Degree Name

Doctor of Philosophy (PhD)


College of Computing and Engineering


Ling Wang

Committee Member

Junping Sun

Committee Member

Inkyoung Hur


design science research (DSR) methodology, insider threats, lab experiments, social media


The insider threat is a global problem that impacts organizations and produces a gamut of undesired outcomes. Businesses often experience lost revenue and stolen trade secrets, which can leave a tarnished reputation. Insider threats can also cause harm to individuals and national security. Past efforts have not mitigated the problem in its entirety. Documented instances of insider threats are as recent as March 2020. Many researchers have focused on monitoring technologies and relying on human monitoring in a reactive posture. An ideal solution would scrutinize an individual’s character and ascertain whether unique traits associated with actors of insider threats are apparent within the preemployment vetting process.

This study leveraged various input data streams and applied theory-driven behaviors that are associated with fraudulent activities. The research followed a Design Science Research (DSR) methodology to produce sentiment analysis of IT artifacts, and ranked individuals’ level of trustworthiness, conducive within the hiring process.

Lab experiments were used to answer the research questions, provided valuable insight with fraudulent activities, and discovered commonalities with negative sentiments found in social media tweets. First, literature was defined and reviewed to address mitigation of insider threats in one form or another. Second, artifacts were from the sum of all data components; these artifacts proved to be informative during the construction within each lab experiment. Finally, the lab experiments provided helpful contributions to the study. For instance, across all lab experiments, common themes emerged from four negative sentiment scores. These scores were later illustrated under the S140-negScore, AFINN-negScore, SentiWordnet-negScore, and NRC-Hash-Sent-negScore. Behavioral theories did not always appear within each artifact; however, the routine activity theory was the most prevalent and was detailed in the lab experiments. The research extends previous and relevant research, thus leveraging social inputs and fraudulent data extracted from the legal system as a foundation for a way forward. An insider threat can be mitigated through leveraging social media data.