Mathew Nicho
A system dynamics approach to evaluate advanced persistent threat vectors.
Nicho, Mathew; McDermott, Christopher D.; Fakhry, Hussein; Girija, Shini
Abstract
Cyber-attacks targeting high-profile entities are focused, persistent, and employ common vectors with varying levels of sophistication to exploit social-technical vulnerabilities. Advanced persistent threats (APTs) deploy zero-day malware against such targets to gain entry through multiple security layers, exploiting the dynamic interplay of vulnerabilities in the target network. System dynamics (SD) offers an alternative approach to analyze non-linear, complex, and dynamic social-technical systems. This research applied SD to three high-profile APT attacks - Equifax, Carphone, and Zomato - to identify and simulate socio-technical variables leading to breaches. By modeling APTs using SD, managers can evaluate threats, predict attacks, and reduce damage by mitigating specific socio-technical cues. This study provides valuable insights into the dynamics of cyber threats, making it the first to apply SD to APTs.
Citation
NICHO, M., MCDERMOTT, C.D., FAKHRY, H. and GIRIJA, S. 2023. A system dynamics approach to evaluate advanced persistent threat vectors. International journal of information security and privacy [online], 17(1), pages 1-23. Available from: https://doi.org/10.4018/IJISP.324064
| Journal Article Type | Article |
|---|---|
| Acceptance Date | Jun 16, 2023 |
| Online Publication Date | Jun 16, 2023 |
| Publication Date | Jun 30, 2023 |
| Deposit Date | Jun 23, 2023 |
| Publicly Available Date | Jun 23, 2023 |
| Journal | International journal of information security and privacy |
| Print ISSN | 1930-1650 |
| Electronic ISSN | 1930-1669 |
| Publisher | IGI Global |
| Peer Reviewed | Peer Reviewed |
| Volume | 17 |
| Issue | 1 |
| Pages | 1-23 |
| DOI | https://doi.org/10.4018/IJISP.324064 |
| Keywords | Advanced persistent threats; Cyberattacks; Cyberthreats; Data breach; Systems dynamics |
| Public URL | https://rgu-repository.worktribe.com/output/1993652 |
Files
NICHO 2023 A system dynamics approach (VOR)
(1.1 Mb)
PDF
Publisher Licence URL
https://creativecommons.org/licenses/by/4.0/
You might also like
Towards a conversational agent for threat detection in the internet of things.
(2019)
Conference Proceeding
Dimensions of ‘socio’ vulnerabilities of advanced persistent threats.
(2019)
Conference Proceeding
Botnet detection in the Internet of Things using deep learning approaches.
(2018)
Conference Proceeding
Downloadable Citations
About OpenAIR@RGU
Administrator e-mail: publications@rgu.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search