Identification of Unintentional Perpetrator Attack Vectors using Simulation Game: A Case Study
| Authors | |
|---|---|
| Year of publication | 2021 |
| Type | Article in Proceedings |
| Conference | Proceedings of the 16th Conference on Computer Science and Intelligence Systems |
| MU Faculty or unit | |
| Citation | |
| web | https://ieeexplore.ieee.org/abstract/document/9555700 |
| Doi | https://doi.org/10.15439/2021F85 |
| Keywords | insider attack; process mining; security; unintentional perpetrator; attack vector; case study |
| Description | In our digital era, insider attacks are among the serious underresearched areas of the cybersecurity landscape. A significant type of insider attack is facilitated by employees without malicious intent. They are called unintentional perpetrators. We proposed mitigating these threats using a simulation-game platform to detect the potential attack vectors. This paper introduces and implements a scenario that demonstrates the usability of this approach in a case study. This work also helps to understand players' behavior when they are not told upfront that they will be a target of social engineering attacks. Furthermore, we provide relevant acquired observations for future research. |
| Related projects: |