Identification of Unintentional Perpetrator Attack Vectors using Simulation Game: A Case Study
Autoři | |
---|---|
Rok publikování | 2021 |
Druh | Článek ve sborníku |
Konference | Proceedings of the 16th Conference on Computer Science and Intelligence Systems |
Fakulta / Pracoviště MU | |
Citace | |
www | https://ieeexplore.ieee.org/abstract/document/9555700 |
Doi | http://dx.doi.org/10.15439/2021F85 |
Klíčová slova | insider attack; process mining; security; unintentional perpetrator; attack vector; case study |
Popis | In our digital era, insider attacks are among the serious underresearched areas of the cybersecurity landscape. A significant type of insider attack is facilitated by employees without malicious intent. They are called unintentional perpetrators. We proposed mitigating these threats using a simulation-game platform to detect the potential attack vectors. This paper introduces and implements a scenario that demonstrates the usability of this approach in a case study. This work also helps to understand players' behavior when they are not told upfront that they will be a target of social engineering attacks. Furthermore, we provide relevant acquired observations for future research. |
Související projekty: |