MACÁK, Martin, Štefan BOJNÁK and Barbora BÜHNOVÁ. Identification of Unintentional Perpetrator Attack Vectors using Simulation Game: A Case Study. Online. In Proceedings of the 16th Conference on Computer Science and Intelligence Systems. New York: IEEE, 2021, p. 349-356. ISBN 978-83-959183-8-4. Available from: https://dx.doi.org/10.15439/2021F85.
Other formats:   BibTeX LaTeX RIS
Basic information
Original name Identification of Unintentional Perpetrator Attack Vectors using Simulation Game: A Case Study
Authors MACÁK, Martin (703 Slovakia, guarantor, belonging to the institution), Štefan BOJNÁK (703 Slovakia, belonging to the institution) and Barbora BÜHNOVÁ (203 Czech Republic, belonging to the institution).
Edition New York, Proceedings of the 16th Conference on Computer Science and Intelligence Systems, p. 349-356, 8 pp. 2021.
Publisher IEEE
Other information
Original language English
Type of outcome Proceedings paper
Field of Study 10201 Computer sciences, information science, bioinformatics
Country of publisher United States of America
Confidentiality degree is not subject to a state or trade secret
Publication form electronic version available online
WWW URL
RIV identification code RIV/00216224:14330/21:00121985
Organization unit Faculty of Informatics
ISBN 978-83-959183-8-4
Doi http://dx.doi.org/10.15439/2021F85
UT WoS 000904349400045
Keywords in English insider attack; process mining; security; unintentional perpetrator; attack vector; case study
Tags firank_B
Tags International impact, Reviewed
Changed by Changed by: RNDr. Pavel Šmerk, Ph.D., učo 3880. Changed: 16/8/2023 13:21.
Abstract
In our digital era, insider attacks are among the serious underresearched areas of the cybersecurity landscape. A significant type of insider attack is facilitated by employees without malicious intent. They are called unintentional perpetrators. We proposed mitigating these threats using a simulation-game platform to detect the potential attack vectors. This paper introduces and implements a scenario that demonstrates the usability of this approach in a case study. This work also helps to understand players' behavior when they are not told upfront that they will be a target of social engineering attacks. Furthermore, we provide relevant acquired observations for future research.
Links
CZ.02.1.01/0.0/0.0/16_019/0000822, interní kód MU
(CEP code: EF16_019/0000822)		Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur (Acronym: C4e)
Investor: Ministry of Education, Youth and Sports of the CR, CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence, Priority axis 1: Strengthening capacities for high-quality research
EF16_019/0000822, research and development projectName: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur
PrintDisplayed: 17/7/2024 01:49