This paper addresses internal threats in cooperative control systems, where agents secretly deviate from collaborative policies to pursue private gains. We propose a unified framework integrating threat identification and mitigation. Methodologically, we model internal threats as parametric game-theoretic roles for the first time; infer hidden malicious intent via online parameter estimation; and design active probing signals coupled with indirect dual adaptive control to asymptotically recover the optimal collaborative control law—even under unknown adversarial objectives. Our key contributions are: (1) a novel, estimable game-theoretic model of internal threats; and (2) an integrated design unifying strategic inference and control compensation. Simulations demonstrate accurate detection of covert deviations, effective restoration of team-optimal performance, and significantly enhanced system robustness and security against internal attacks.

An insider is defined as a team member who covertly deviates from the team's optimal collaborative control strategy in pursuit of a private objective, while maintaining an outward appearance of cooperation. Such insider threats can severely undermine cooperative systems: subtle deviations may degrade collective performance, jeopardize mission success, and compromise operational safety. This paper presents a comprehensive framework for identifying and mitigating insider threats in cooperative control settings. We introduce an insider-aware, game-theoretic formulation in which the insider's hidden intention is parameterized, allowing the threat identification task to be reformulated as a parameter estimation problem. To address this challenge, we employ an online indirect dual adaptive control approach that simultaneously infers the insider's control strategy and counteracts its negative influence. By injecting properly designed probing signals, the resulting mitigation policy asymptotically recovers the nominal optimal control law - one that would be achieved under full knowledge of the insider's objective. Simulation results validate the effectiveness of the proposed identification-mitigation framework and illustrate its capability to preserve team performance even in the presence of covert adversarial behavior.