Identification of Unintentional Perpetrator Attack Vectors
using Simulation Game: A Case Study

D 2021

Identification of Unintentional Perpetrator Attack Vectors using Simulation Game: A Case Study

MACÁK, Martin, Štefan BOJNÁK a Barbora BÜHNOVÁ

Základní údaje

Originální název

Identification of Unintentional Perpetrator Attack Vectors using Simulation Game: A Case Study

Autoři

MACÁK, Martin (703 Slovensko, garant, domácí), Štefan BOJNÁK (703 Slovensko, domácí) a Barbora BÜHNOVÁ (203 Česká republika, domácí)

Vydání

New York, Proceedings of the 16th Conference on Computer Science and Intelligence Systems, od s. 349-356, 8 s. 2021

Nakladatel

IEEE

Další údaje

Jazyk

angličtina

Typ výsledku

Stať ve sborníku

Obor

10201 Computer sciences, information science, bioinformatics

Stát vydavatele

Spojené státy

Utajení

není předmětem státního či obchodního tajemství

Forma vydání

elektronická verze "online"

Odkazy

URL

Kód RIV

RIV/00216224:14330/21:00121985

Organizační jednotka

Fakulta informatiky

ISBN

978-83-959183-8-4

DOI

http://dx.doi.org/10.15439/2021F85

UT WoS

000904349400045

Klíčová slova anglicky

insider attack; process mining; security; unintentional perpetrator; attack vector; case study

Štítky

core_B, firank_B

Příznaky

Mezinárodní význam, Recenzováno

Změněno: 16. 8. 2023 13:21, RNDr. Pavel Šmerk, Ph.D.

Anotace

V originále

In our digital era, insider attacks are among the serious underresearched areas of the cybersecurity landscape. A significant type of insider attack is facilitated by employees without malicious intent. They are called unintentional perpetrators. We proposed mitigating these threats using a simulation-game platform to detect the potential attack vectors. This paper introduces and implements a scenario that demonstrates the usability of this approach in a case study. This work also helps to understand players' behavior when they are not told upfront that they will be a target of social engineering attacks. Furthermore, we provide relevant acquired observations for future research.

Návaznosti

CZ.02.1.01/0.0/0.0/16_019/0000822, interní kód MU
(Kód CEP: EF16_019/0000822)

Název: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur (Akronym: C4e)

Investor: Ministerstvo školství, mládeže a tělovýchovy ČR, Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur, PO 1 Posilování kapacit pro kvalitní výzkum

EF16_019/0000822, projekt VaV

Název: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur

Citovat

MACÁK, Martin, Štefan BOJNÁK a Barbora BÜHNOVÁ. Identification of Unintentional Perpetrator Attack Vectors using Simulation Game: A Case Study. Online. In Proceedings of the 16th Conference on Computer Science and Intelligence Systems. New York: IEEE, 2021, s. 349-356. ISBN 978-83-959183-8-4. Dostupné z: https://dx.doi.org/10.15439/2021F85.

@inproceedings{1783877,
   author = {Macák, Martin and Bojnák, Štefan and Bühnová, Barbora},
   address = {New York},
   booktitle = {Proceedings of the 16th Conference on Computer Science and Intelligence Systems},
   doi = {http://dx.doi.org/10.15439/2021F85},
   keywords = {insider attack; process mining; security; unintentional perpetrator; attack vector; case study},
   howpublished = {elektronická verze "online"},
   language = {eng},
   location = {New York},
   isbn = {978-83-959183-8-4},
   pages = {349-356},
   publisher = {IEEE},
   title = {Identification of Unintentional Perpetrator Attack Vectors using Simulation Game: A Case Study},
   url = {https://ieeexplore.ieee.org/abstract/document/9555700},
   year = {2021}
}

TY  - JOUR
ID  - 1783877
AU  - Macák, Martin - Bojnák, Štefan - Bühnová, Barbora
PY  - 2021
TI  - Identification of Unintentional Perpetrator Attack Vectors using Simulation Game: A Case Study
PB  - IEEE
CY  - New York
SN  - 9788395918384
KW  - insider attack
KW  - process mining
KW  - security
KW  - unintentional perpetrator
KW  - attack vector
KW  - case study
UR  - https://ieeexplore.ieee.org/abstract/document/9555700
N2  - In our digital era, insider attacks are among the serious underresearched areas of the cybersecurity landscape. A significant type of insider attack is facilitated by employees without malicious intent. They are called unintentional perpetrators. We proposed mitigating these threats using a simulation-game platform to detect the potential attack vectors. This paper introduces and implements a scenario that demonstrates the usability of this approach in a case study. This work also helps to understand players' behavior when they are not told upfront that they will be a target of social engineering attacks. Furthermore, we provide relevant acquired observations for future research.
ER  -

MACÁK, Martin, Štefan BOJNÁK a Barbora BÜHNOVÁ. Identification of Unintentional Perpetrator Attack Vectors using Simulation Game: A Case Study. Online. In \textit{Proceedings of the 16th Conference on Computer Science and Intelligence Systems}. New York: IEEE, 2021, s.~349-356. ISBN~978-83-959183-8-4. Dostupné z: https://dx.doi.org/10.15439/2021F85.

Podrobný výpis o publikaci