Date of Award

Spring 2021

Document Type


Degree Name

Doctor of Philosophy (PhD)


Engineering Management & Systems Engineering


Engineering Management and Systems Engineering

Committee Director

C. Ariel Pinto

Committee Member

Adrian Gheorghe

Committee Member

Mustafa Canan

Committee Member

Saltuk Bugra Karahan


The cyber domain is a great business enabler providing many types of enterprises new opportunities such as scaling up services, obtaining customer insights, identifying end-user profiles, sharing data, and expanding to new communities. However, the cyber domain also comes with its own set of risks. Cybersecurity risk assessment helps enterprises explore these new opportunities and, at the same time, proportionately manage the risks by establishing cyber situational awareness and identifying potential consequences. Anomaly detection is a mechanism to enable situational awareness in the cyber domain. However, anomaly detection also requires one of the most extensive sets of data and features for proper implementation. One way to make disparate data more usable is by using relations within datasets to provide more robust representations of interdependencies.

The purpose of this study is to use machine learning classification algorithms augmented by a new feature set extracted with graph theoretical information representing human to human and human to machine interactions in the quantification of cyber risk due to insider threats. Included in this study is impact assessment by analyzing past incidents caused by internal actors and depicted on the risk matrices, together with datasets on organizational roles of the internal actors.