Psychological Profile of Network I ntruder Dragan Pleskonjic BEG Finsoft Member of IEEE Computer Society, ACM and ACM SIGSAC E-mail: dragan@conwex.org Veljko Milutinovic ETF Belgrade / IPSI Fellow of IEEE E-mail: vm@etf.bg.ac.yu Nemanja Macek E-mail: stonerhate@gmail.com Borislav Djordjevic Institute “Mihailo Pupin” E-mail: bora@impcomputers.com Marko Caric Advanced School of Electrical Engineering, Belgrade E-mail: carmar@eunet.yu Abstract: This paper presents attempt to describe and categorize psychological profiles of network attackers and intruders. For long time ago, it was considered that most important aspect for providing security of computer networks and information systems is technical aspect and cryptography. But it has been recognized that even the best set of technical mechanisms can’t protect effectively if human factor fails. Also, when analyzing threats and attacks, it is important to focus on psychological aspect of intruder, their motives and intentions and their way of thinking, planning and performing attacks. Important part is way of hiding tracks of its activity. This is interdisciplinary and multidisciplinary approach with goal to help modeling and design of protection, especially intrusion detection and intrusion prevention systems. One scope of targets is Internet and wireless networks and way to protect these networks from intruders and threats. This confirms statement that security is never ending process. Keywords: psychological profile, network intruder, attack, attacker, threat, insider, network intrusion, detection, prevention 1 I ntroduction The most usual way of analyzing security aspects of computer system or network is technical aspect of security including cryptography, access control, security protocols, malicious software defense, intrusion detection and similar aspects. This also often includes organizational, economical and legal aspect and makes this research more interdisciplinary. By covering these various areas, chances to design, develop and employ effective security measures, products, solutions, procedures and policies are much likely. It is well known that there is no absolute security and that all of above mentioned stuff is intended to lead toward common goal: acceptable security risk. Also, it is well known that, in other security and protection systems, one