Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users

Veksler, Vladislav D.; Buchler, Norbou; Hoffman, Blaine; Cassenti, Daniel N.; Sample, Char; Sugrim, Shridat

doi:10.3389/fpsyg.2018.00691

Cited by 36 publications

(16 citation statements)

References 56 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This requires cybersecurity decision makers to gain more knowledge about adversarial thinking, system thinking, and risk quantification. Modeling and simulation of real-world cyber-attacks is a useful training tool for the purpose of fulfilling these requirements [15].…”

Section: Discussionmentioning

confidence: 99%

A Socio-technical Systems Approach to Design and Support Systems Thinking in Cybersecurity and Risk Management Education

Zoto

Kianpour

Kowalski

et al. 2019

J. Complex Syst. Inform. Model. Q.

View full text Add to dashboard Cite

Cybersecurity decisions are made across a range of social, technical, economic, regulatory and political domains. There is a gap between what companies and institutions plan to do while developing their internal IS-related policies and what should be done according to a multi-stakeholder system perspective in this area. Our task as researchers is to bridge this gap by offering potential solutions. The aim of our work is to promote the usage of the socio-technical systems approach to support the emerging role of systems thinking in cybersecurity education, using simulation as a supporting tool for learning. Meanwhile, new trends in cybersecurity curricula suggest an important shift toward new thinking approaches such as adversarial and systems thinking. We explored individuals' adversarial and systems thinking skills in an open agent-based simulated environment and subsequently assessed the impact based on a participant survey. We discuss these results and point to directions for further investigation. The second contribution of the article is the provision of a tool for developing target users' skills in making quantitative risk decisions and giving them a deeper understanding of the importance and use of key indices in the cyber risk management process.

show abstract

Section: Discussionmentioning

confidence: 99%

A Socio-technical Systems Approach to Design and Support Systems Thinking in Cybersecurity and Risk Management Education

Zoto

Kianpour

Kowalski

et al. 2019

J. Complex Syst. Inform. Model. Q.

View full text Add to dashboard Cite

show abstract

“…The closest form of truly comprehensive aggregate risk factor analysis can be seen in research on cognitive modelling of "dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene" [30]. The researchers contend the importance of "wargaming" and simulation in both health care and cybersecurity, highlighting that "just as simulations in healthcare predict how an epidemic can spread and how it can be contained, such simulations may be used in the field of cyber-security as a means of progress in the study of cyber-epidemiology" [30]. The authors argue that epidemiology can be applied for the simulation of pandemic or disease outbreak, though prediction models based on existing behavioural data of threats.…”

Section: Contemporary Vulnerability and Intrusion Detection Technologiesmentioning

confidence: 99%

“…The authors argue that epidemiology can be applied for the simulation of pandemic or disease outbreak, though prediction models based on existing behavioural data of threats. These simulations provide "realistic synthetic users for full-scale training/wargame scenarios", which will "enable much-needed research in cybersecurity and cyber-epidemiology" [30]. Such simulations need to include methods to inject non-deterministic behaviours [31].…”

Section: Contemporary Vulnerability and Intrusion Detection Technologiesmentioning

confidence: 99%

The Application of Epidemiology for Categorising DNS Cyber Risk Factors

Modini¹,

Lynar²,

Sitnikova³

et al. 2020

JCC

View full text Add to dashboard Cite

This Epidemiology can be applied to cybersecurity as a novel approach for analysing and detecting cyber threats and their risks. It provides a systematic model for the analysis of likelihood, consequence, management, and prevention measures to examine malicious behaviours like disease. There are a few research studies in discrete cybersecurity risk factors; however, there is a significant research gap on the analysis of collective cyber risk factors and measuring their cyber risk impacts. Effective cybersecurity risk management requires the identification and estimation of the probability of infection, based on a comprehensive range of historical and environmental factors, including human behaviour and technology characteristics. This paper explores how an epidemiological principle can be applied to identify cybersecurity risk factors. These risk factors comprise both human and machine behaviours profiled as risk factors. This paper conducts a preliminary analysis of the relationships between these risk factors utilising Domain Name System (DNS) data sources. The experimental results indicated that the epidemiological principle can effectively examine and estimate cyber risk factors. The proposed principle has a great potential in enhancing new machine learning-enabled intrusion detection solutions by utilising this principle as a risk assessment module of the solutions.

show abstract

“…Modeling the behavior of users and defenders can be used to assess their cognitive states in real time. Models of learning and adapting the behavior of cyber conflict participants can be used in combination with the theory of behavioral games to predict possible attack scenarios and select the best defenses [3,4]. Modeling user network activity allows testing various network policies without real consequences.…”

Section: Literature Review and Problem Statementmentioning

confidence: 99%

Development of methodology for modeling the interaction of antagonistic agents in cybersecurity systems

Milov

Войтко

Husarova

et al. 2019

EEJET

View full text Add to dashboard Cite

Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users

Cited by 36 publications

References 56 publications

A Socio-technical Systems Approach to Design and Support Systems Thinking in Cybersecurity and Risk Management Education

A Socio-technical Systems Approach to Design and Support Systems Thinking in Cybersecurity and Risk Management Education

The Application of Epidemiology for Categorising DNS Cyber Risk Factors

Development of methodology for modeling the interaction of antagonistic agents in cybersecurity systems

Contact Info

Product

Resources

About