System dynamics approach to malicious insider cyber-threat modelling and analysis

Tesleem Fagade; Theo Spyridopoulos; Nabeel Albishry; Theo Tryfonas

doi:10.1007/978-3-319-58460-7_21

System dynamics approach to malicious insider cyber-threat modelling and analysis

Tesleem Fagade, Theo Spyridopoulos, Nabeel Albishry, Theo Tryfonas^*

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

1 Citation (Scopus)

Abstract

Enforcing cybersecurity controls against malicious insiders touches upon complex issues like people, process and technology. In large and complex systems, addressing the problem of insider cyber threat involves diverse solutions like compliance, technical and procedural controls. This work applies system dynamics modelling to understand the interrelationships between three distinct indicators of a malicious insider, in order to determine the possibility of a security breach through developing trends and patterns. It combines observable behaviour of actors based on the well-established theory of planned behaviour; technical footprints from incident log information and social network profiling of personality traits, based on the ‘big five’ personality model. Finally, it demonstrates how system dynamics as a risk modelling approach can flag early signs of malicious insider threats by aggregating associative properties of different risk elements. Our initial findings suggest that key challenges to combating insider threats are uncertainty, irregular intervals between malicious activities and exclusion of different personality factors in the design of cyber-security protocols. Based on these insights we propose how this knowledge may help with mitigation controls in a secure environment.

Original language	English
Title of host publication	Human Aspects of Information Security, Privacy and Trust - 5th International Conference, HAS 2017 Held as Part of HCI International 2017, Proceedings
Publisher	Springer-Verlag Berlin
Pages	309-321
Number of pages	13
Volume	10292 LNCS
ISBN (Print)	9783319584591
DOIs	https://doi.org/10.1007/978-3-319-58460-7_21
Publication status	Published - 2017
Event	5th International Conference on Human Aspects of Information Security, Privacy and Trust, HAS 2017, held as part of 19th International Conference on Human-Computer Interaction, HCI 2017 - Vancouver, Canada Duration: 9 Jul 2017 → 14 Jul 2017

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	10292 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	5th International Conference on Human Aspects of Information Security, Privacy and Trust, HAS 2017, held as part of 19th International Conference on Human-Computer Interaction, HCI 2017
Country	Canada
City	Vancouver
Period	9/07/17 → 14/07/17

Fingerprint

Keywords

Cyber security
Cyber-risk behavior
Malicious insider
Personality profiling
Risk modelling
System dynamics

Cite this

Fagade, T., Spyridopoulos, T., Albishry, N., & Tryfonas, T. (2017). System dynamics approach to malicious insider cyber-threat modelling and analysis. In Human Aspects of Information Security, Privacy and Trust - 5th International Conference, HAS 2017 Held as Part of HCI International 2017, Proceedings (Vol. 10292 LNCS, pp. 309-321). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10292 LNCS). Springer-Verlag Berlin. https://doi.org/10.1007/978-3-319-58460-7_21

Fagade, Tesleem ; Spyridopoulos, Theo ; Albishry, Nabeel ; Tryfonas, Theo. / System dynamics approach to malicious insider cyber-threat modelling and analysis. Human Aspects of Information Security, Privacy and Trust - 5th International Conference, HAS 2017 Held as Part of HCI International 2017, Proceedings. Vol. 10292 LNCS Springer-Verlag Berlin, 2017. pp. 309-321 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{c349b1de9e9f4439ba357ccf10cf12c5,

title = "System dynamics approach to malicious insider cyber-threat modelling and analysis",

abstract = "Enforcing cybersecurity controls against malicious insiders touches upon complex issues like people, process and technology. In large and complex systems, addressing the problem of insider cyber threat involves diverse solutions like compliance, technical and procedural controls. This work applies system dynamics modelling to understand the interrelationships between three distinct indicators of a malicious insider, in order to determine the possibility of a security breach through developing trends and patterns. It combines observable behaviour of actors based on the well-established theory of planned behaviour; technical footprints from incident log information and social network profiling of personality traits, based on the {\textquoteleft}big five{\textquoteright} personality model. Finally, it demonstrates how system dynamics as a risk modelling approach can flag early signs of malicious insider threats by aggregating associative properties of different risk elements. Our initial findings suggest that key challenges to combating insider threats are uncertainty, irregular intervals between malicious activities and exclusion of different personality factors in the design of cyber-security protocols. Based on these insights we propose how this knowledge may help with mitigation controls in a secure environment.",

keywords = "Cyber security, Cyber-risk behavior, Malicious insider, Personality profiling, Risk modelling, System dynamics",

author = "Tesleem Fagade and Theo Spyridopoulos and Nabeel Albishry and Theo Tryfonas",

year = "2017",

doi = "10.1007/978-3-319-58460-7_21",

language = "English",

isbn = "9783319584591",

volume = "10292 LNCS",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer-Verlag Berlin",

pages = "309--321",

booktitle = "Human Aspects of Information Security, Privacy and Trust - 5th International Conference, HAS 2017 Held as Part of HCI International 2017, Proceedings",

note = "5th International Conference on Human Aspects of Information Security, Privacy and Trust, HAS 2017, held as part of 19th International Conference on Human-Computer Interaction, HCI 2017 ; Conference date: 09-07-2017 Through 14-07-2017",

}

Fagade, T, Spyridopoulos, T, Albishry, N & Tryfonas, T 2017, System dynamics approach to malicious insider cyber-threat modelling and analysis. in Human Aspects of Information Security, Privacy and Trust - 5th International Conference, HAS 2017 Held as Part of HCI International 2017, Proceedings. vol. 10292 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10292 LNCS, Springer-Verlag Berlin, pp. 309-321, 5th International Conference on Human Aspects of Information Security, Privacy and Trust, HAS 2017, held as part of 19th International Conference on Human-Computer Interaction, HCI 2017, Vancouver, Canada, 9/07/17. https://doi.org/10.1007/978-3-319-58460-7_21

System dynamics approach to malicious insider cyber-threat modelling and analysis. / Fagade, Tesleem; Spyridopoulos, Theo; Albishry, Nabeel; Tryfonas, Theo.

Human Aspects of Information Security, Privacy and Trust - 5th International Conference, HAS 2017 Held as Part of HCI International 2017, Proceedings. Vol. 10292 LNCS Springer-Verlag Berlin, 2017. p. 309-321 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10292 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

TY - GEN

T1 - System dynamics approach to malicious insider cyber-threat modelling and analysis

AU - Fagade, Tesleem

AU - Spyridopoulos, Theo

AU - Albishry, Nabeel

AU - Tryfonas, Theo

PY - 2017

Y1 - 2017

N2 - Enforcing cybersecurity controls against malicious insiders touches upon complex issues like people, process and technology. In large and complex systems, addressing the problem of insider cyber threat involves diverse solutions like compliance, technical and procedural controls. This work applies system dynamics modelling to understand the interrelationships between three distinct indicators of a malicious insider, in order to determine the possibility of a security breach through developing trends and patterns. It combines observable behaviour of actors based on the well-established theory of planned behaviour; technical footprints from incident log information and social network profiling of personality traits, based on the ‘big five’ personality model. Finally, it demonstrates how system dynamics as a risk modelling approach can flag early signs of malicious insider threats by aggregating associative properties of different risk elements. Our initial findings suggest that key challenges to combating insider threats are uncertainty, irregular intervals between malicious activities and exclusion of different personality factors in the design of cyber-security protocols. Based on these insights we propose how this knowledge may help with mitigation controls in a secure environment.

AB - Enforcing cybersecurity controls against malicious insiders touches upon complex issues like people, process and technology. In large and complex systems, addressing the problem of insider cyber threat involves diverse solutions like compliance, technical and procedural controls. This work applies system dynamics modelling to understand the interrelationships between three distinct indicators of a malicious insider, in order to determine the possibility of a security breach through developing trends and patterns. It combines observable behaviour of actors based on the well-established theory of planned behaviour; technical footprints from incident log information and social network profiling of personality traits, based on the ‘big five’ personality model. Finally, it demonstrates how system dynamics as a risk modelling approach can flag early signs of malicious insider threats by aggregating associative properties of different risk elements. Our initial findings suggest that key challenges to combating insider threats are uncertainty, irregular intervals between malicious activities and exclusion of different personality factors in the design of cyber-security protocols. Based on these insights we propose how this knowledge may help with mitigation controls in a secure environment.

KW - Cyber security

KW - Cyber-risk behavior

KW - Malicious insider

KW - Personality profiling

KW - Risk modelling

KW - System dynamics

UR - http://www.scopus.com/inward/record.url?scp=85025168236&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-58460-7_21

DO - 10.1007/978-3-319-58460-7_21

M3 - Conference Contribution (Conference Proceeding)

AN - SCOPUS:85025168236

SN - 9783319584591

VL - 10292 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 309

EP - 321

BT - Human Aspects of Information Security, Privacy and Trust - 5th International Conference, HAS 2017 Held as Part of HCI International 2017, Proceedings

PB - Springer-Verlag Berlin

T2 - 5th International Conference on Human Aspects of Information Security, Privacy and Trust, HAS 2017, held as part of 19th International Conference on Human-Computer Interaction, HCI 2017

Y2 - 9 July 2017 through 14 July 2017

ER -

Fagade T, Spyridopoulos T, Albishry N, Tryfonas T. System dynamics approach to malicious insider cyber-threat modelling and analysis. In Human Aspects of Information Security, Privacy and Trust - 5th International Conference, HAS 2017 Held as Part of HCI International 2017, Proceedings. Vol. 10292 LNCS. Springer-Verlag Berlin. 2017. p. 309-321. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-58460-7_21

Access to Document

10.1007/978-3-319-58460-7_21

Link to publication in Scopus