System dynamics approach to malicious insider cyber-threat analysis and modelling

Fagade, T., Spyridopoulos, T., Albishry, N. and Tryfonas, T. (2017) System dynamics approach to malicious insider cyber-threat analysis and modelling. In: Tryfonas, T., ed. (2017) Human Aspects of Information Security, Privacy and Trust: Proceedings of 5th International Conference, HAS 2017, Held as Part of HCI International 2017, Vancouver, BC, Canada, July 9-14, 2017. (10292) Vanvouver, Canada: Springer-Verlag, pp. 309-321. ISBN 9783319584591 Available from: http://eprints.uwe.ac.uk/30537

Full text not available from this repository

Publisher's URL: https://doi.org/10.1007/978-3-319-58460-7_21

Abstract/Description

Enforcing cybersecurity controls against malicious insiders touches upon complex issues that people, process and technology. In large and complex systems, addressing the problem of insider cyber threat involves diverse solutions like compliance, technical and procedural controls. This work applies system dynamics modelling to understand the interrelationships between three distinct indicators of a malicious insider, in order to determine the possibility of a security breach through developing trends and patterns. It combines observable behaviour of actors based on the well-established theory of planned behaviour; technical footprints from incident log information and social network profiling of personality traits, based on the ‘big five’ personality model. Finally, it demonstrates how system dynamics as a risk modelling approach can flag early signs of malicious insider threats by aggregating associative properties of different risk elements. Our initial findings suggest that key challenges to combating insider threats are uncertainty, irregular intervals between malicious activities and exclusion of different personality factors in the design of cyber-security protocols. Based on these insights we propose how this knowledge may help with mitigation controls in a secure environment.

Item Type:Book Section
Uncontrolled Keywords:system dynamics, insider cyber-threat
Faculty/Department:Faculty of Environment and Technology > Department of Computer Science and Creative Technologies
ID Code:30537
Deposited By: Dr T. Spyridopoulos
Deposited On:13 Jun 2017 14:59
Last Modified:15 Oct 2017 14:53

Request a change to this item

Document Downloads

Total Document Downloads

More statistics for this item...