System Dynamics Based Insider Threats Modeling

Yang, Sang Chin; Wang, Yi Lu

doi:10.5121/ijnsa.2011.3301

Cited by 9 publications

(4 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The mapping of the dynamic complexity of cyberattacks is illustrated in Table 2 to evidence the link between SD and APT attacks. SD has been used in many studies to model information security management and attacks (Nazareth & Choi, 2015;Yang & Wang, 2011). SD runs through six phases: systems description, converting description to equations, simulating the model, designing alternative policies and structures, educating and debating, and implementing changes in policies (Forrester, 1994).…”

Section: System Dynamics Applicationsmentioning

confidence: 99%

A System Dynamics Approach to Evaluate Advanced Persistent Threat Vectors

Nicho¹,

McDermott

Fakhry

et al. 2023

International Journal of Information Security and Privacy

View full text Add to dashboard Cite

Cyber-attacks targeting high-profile entities are focused, persistent, and employ common vectors with varying levels of sophistication to exploit social-technical vulnerabilities. Advanced persistent threats (APTs) deploy zero-day malware against such targets to gain entry through multiple security layers, exploiting the dynamic interplay of vulnerabilities in the target network. System dynamics (SD) offers an alternative approach to analyze non-linear, complex, and dynamic social-technical systems. This research applied SD to three high-profile APT attacks - Equifax, Carphone, and Zomato - to identify and simulate socio-technical variables leading to breaches. By modeling APTs using SD, managers can evaluate threats, predict attacks, and reduce damage by mitigating specific socio-technical cues. This study provides valuable insights into the dynamics of cyber threats, making it the first to apply SD to APTs.

show abstract

Section: System Dynamics Applicationsmentioning

confidence: 99%

A System Dynamics Approach to Evaluate Advanced Persistent Threat Vectors

Nicho¹,

McDermott

Fakhry

et al. 2023

International Journal of Information Security and Privacy

View full text Add to dashboard Cite

show abstract

“…As Bishop et al (2008) affirms, if we cannot define the insider threat problem and its underlying factors properly, then we will not be able to come up with a solution. In addition, we can assert that combining insider monitoring mechanisms with overall risk control may increase the probability of detecting insider threats (Yang & Wang, 2011).…”

Section: Conclusion and Suggestions For Future Researchmentioning

confidence: 99%

Multiple Case Study Approach to Identify Aggravating Variables of Insider Threats in Information Systems

Nicho¹,

Kamoun²

2014

CAIS

View full text Add to dashboard Cite

Malicious insiders present a serious threat to information systems due to privilege of access, knowledge of internal computer resources, and potential threats on the part of disgruntled employees or insiders collaborating with external cybercriminals. Researchers have extensively studied insiders' motivation to attack from the broader perspective of the deterrence theory and have explored the rationale for employees to disregard/overlook security policies from the perspective of neutralization theory. This research takes a step further: we explore the aggravating variables of insider threat using a multiple case study approach. Empirical research using black hat analysis of three case studies of insider threats suggests that, while neutralization plays an important role in insider attacks, it takes a cumulative set of aggravating factors to trigger an actual data breach. By identifying and aggregating the variables, this study presents a predictive model that can guide IS managers to proactively mitigate insider threats. Given the economic and legal ramifications of insider threats, this research has implications relevant both for both academics and security practitioners.

show abstract

“…While these theories are comprehensive and well-researched, they fall firmly within the realm of social science and cannot be independently tested and verified in the same way as a scientific theory. The second form of research comes from the Computer Science discipline, which focuses on the related topic of corporate espionage and particularly insider and outsider threats [8] [9]. However, comprehensive models of the complexities of information and cyber warfare have not previously been attempted, in part because computer scientists are more interested in simulating the attack patterns of computer viruses than the socio-political phenomena which lead to cyber conflict.…”

Section: Introductionmentioning

confidence: 99%

A System Dynamics Model of Cyber Conflict

Polatin-Reuben

Craig

Spyridopoulos

et al. 2013

2013 IEEE International Conference on Systems, Man, and Cybernetics

View full text Add to dashboard Cite

In this paper we try to determine whether a potential state-aggressor in a recent cyber attack can be identified through an understanding of shared international dependencies between nations. Combining the International Affairs and Systems Science disciplines, we put forth a system dynamics model of cyber conflict which may facilitate the identification of a culpable state or states in a cyber attack through publicly available information. Having identified 22 countries with military or civilian cyber capability, data on economic trade imports and diplomatic relationships were combined to identify dependencies, or countries upon which dependent countries rely for trade or military collaboration. The system dynamics model simulates diplomatic tension between two countries to estimate the probability of a cyber conflict. Nine case studies, in which the likely cyber combatant was identified, are used to test the model. Initial results yielded a number of prior indicators of cyber conflict, such as dips in trade imports from future cyber combatants up to 2 years before a launched cyber attack.

show abstract

System Dynamics Based Insider Threats Modeling

Abstract: ABSTRACT

Cited by 9 publications

References 16 publications

A System Dynamics Approach to Evaluate Advanced Persistent Threat Vectors

A System Dynamics Approach to Evaluate Advanced Persistent Threat Vectors

Multiple Case Study Approach to Identify Aggravating Variables of Insider Threats in Information Systems

A System Dynamics Model of Cyber Conflict

Contact Info

Product

Resources

About