Identification of Unintentional Perpetrator Attack Vectors using Simulation Game: A Case Study
Authors | |
---|---|
Year of publication | 2021 |
Type | Article in Proceedings |
Conference | Proceedings of the 16th Conference on Computer Science and Intelligence Systems |
MU Faculty or unit | |
Citation | |
Web | https://ieeexplore.ieee.org/abstract/document/9555700 |
Doi | http://dx.doi.org/10.15439/2021F85 |
Keywords | insider attack; process mining; security; unintentional perpetrator; attack vector; case study |
Description | In our digital era, insider attacks are among the serious underresearched areas of the cybersecurity landscape. A significant type of insider attack is facilitated by employees without malicious intent. They are called unintentional perpetrators. We proposed mitigating these threats using a simulation-game platform to detect the potential attack vectors. This paper introduces and implements a scenario that demonstrates the usability of this approach in a case study. This work also helps to understand players' behavior when they are not told upfront that they will be a target of social engineering attacks. Furthermore, we provide relevant acquired observations for future research. |
Related projects: |