| Title | Modeling the Effects of Insider Threats on Cybersecurity of Complex Systems |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Baluta, Teodora, Ramapantulu, Lavanya, Teo, Yong Meng, Chang, Ee-Chien |
| Conference Name | Proceedings of the 2017 Winter Simulation Conference |
| Publisher | IEEE Press |
| Conference Location | Piscataway, NJ, USA |
| ISBN Number | 978-1-5386-3427-1 |
| Keywords | Human Behavior, human factors, pubcrawl |
| Abstract | With an increasing number of cybersecurity attacks due to insider threats, it is important to identify different attack mechanisms and quantify them to ease threat mitigation. We propose a discrete-event simulation model to study the impact of unintentional insider threats on the overall system security by representing time-varying human behavior using two parameters, user vulnerability and user interactions. In addition, the proposed approach determines the futuristic impact of such behavior on overall system health. We illustrate the ease of applying the proposed simulation model to explore several "what-if" analysis for an example enterprise system and derive the following useful insights, (i) user vulnerability has a bigger impact on overall system health compared to user interactions, (ii) the impact of user vulnerability depends on the system topology, and (ii) user interactions increases the overall system vulnerability due to the increase in the number of attack paths via credential leakage. |
| Citation Key | baluta_modeling_2017 |
Modeling the Effects of Insider Threats on Cybersecurity of Complex Systems