Abstract
The problem of insider threats to computer networks overseen by the company's Information Technologies (IT) department is complex and involves many variables; the most complex variable presented is human behavior. In an operational context many fields of study come into play, the security analyst's job is to interpret the data and draw conclusions of a possible malicious threat. Patterns are to be perceived and recognized within the relevant data. Forensic software and a number of other analyst tools are used to determine suspicious activities within and outside the network. After suspicious activities are revealed alerts must be sent out to induce action to prevent attacks. The goal of this paper is to predict an inside attack derived from behavioral, computer and psycho-social risk factors by using the System Dynamics methodology and its relation to solving the problem. A stock-flow diagram is used with Vensim to model the system. The model represents probabilistic human behavior of the attacker and deterministic behavior of the system.
| Original language | English |
|---|---|
| State | Published - 2016 |
| Event | 2016 TMS/DEVS Symposium on Theory of Modeling and Simulation, TMS/DEVS 2016, Part of the 2016 Spring Simulation Multiconference, SpringSim 2016 - Pasadena, United States Duration: 3 Apr 2016 → 6 Apr 2016 |
Conference
| Conference | 2016 TMS/DEVS Symposium on Theory of Modeling and Simulation, TMS/DEVS 2016, Part of the 2016 Spring Simulation Multiconference, SpringSim 2016 |
|---|---|
| Country/Territory | United States |
| City | Pasadena |
| Period | 3/04/16 → 6/04/16 |
Keywords
- Insider attack
- Modeling human behavior
- System dynamics