Abstract
Agent-based models are commonplace in the simulation-based analysis of cyber security. But as useful as it is to model, for example, adversarial tactics in a simulated cyber attack or realistic traffic in a study of network vulnerability, it is increasingly clear that human error is one of the greatest threats to cyber security. From this perspective, the salient features of behavior are those of an agent making decisions about how to use a system, rather than an agent acting as an adversary or as a “chat bot” which functions merely as a statistical message generator. In this paper, we describe work to model a human dimension of the cyber operator, a user subject to different motivations that lead directly to differences in cyber behavior which, ultimately, lead to differences in the risk of suffering a “drive-by” malware infection.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Besnard, D., Arief, B.: Computer security impaired by legitimate users. Comput. Secur. 23(3), 253–264 (2004)
Fulford, H., Doherty, N.F.: The application of information security policies in large UK-based organizations: an exploratory investigation. Inf. Manage. Comput. Secur. 11(3), 106–114 (2003)
Werlinger, R., et al.: Towards understanding diagnostic work during the detection and investigation of security incidents. In: Steven, N.L.C., Furnell, M. (eds.) Third International Symposium on Human Aspects of Information Security & Assurance, Athens, Greece, pp. 119–132. University of Plymouth (2009)
Bishop, M., et al.: Insider threat identification by process analysis. In: IEEE Security and Privacy Workshops, San Jose, CA, pp. 251–264. IEEE (2014)
Costa, D.L., et al.: An Insider Threat Indicator Ontology (2016)
Cranor, L.F., Garfinkel, S. (eds.): Security and Usability: Designing Secure Systems That People Can Use. O’Reilly & Associates Inc, Sebastopol (2005)
Winnefeld, J.A., Kirchhoff, C., Upton, D.M.: Cybersecurity’s Human Factor: Lessons from the Pentagon, in Harvard Business Review. Harvard Business Publishing, Cambridge (2015)
Kilduff, P.W., Swoboda, J.C., Katz, J.: A platoon-level model of communication flow and the effects on operator performance. U.A.R. Laboratory, Editor. Human Research and Engineering Directorate, Aberdeen Proving Ground, MD (2006)
Brett, B.E., et al.: The Combat Automation Requirements Testbed (CART) Task 5 Interim Report: Modeling a Strike Fighter Pilot Conducting a Time Critical Target Mission. A.F.R. Laboratory, Editor, Dayton, OH (2002)
Heegaard, P.E.: GenSyn - a Java based generator of synthetic Internet traffic linking user behaviour models to real network protocols. In: ITC Specialist Seminar on IP Traffic Measurement, Modeling and Management, Monterey, CA (2000)
Ovelgonne, M., et al.: Understanding the relationship between human behavior and susceptibility to cyber-attacks: a data-driven approach. In: ACM Transactions on Intelligent Systems and Technology (TIST) - Special Issue: Cyber Security and Regular Papers, vol. 8, no. 4 (2017)
Mark, G., et al.: Email duration, batching and self-interruption: patterns of email use on productivity and stress. In: 2016 CHI Conference on Human Factors in Computing Systems, San Jose, California, USA, pp. 1717–1728. ACM (2016)
Liu, C., White, R.W., Dumais, S.: Understanding web browsing behaviors through Weibull analysis of dwell time. In: 33rd International ACM SIGIR Conference on Research and Development in Information Retrieval, Geneva, Switzerland, pp. 379–386. Association for Computing Machinery, Inc. (2010)
Mark, G., et al.: Bored mondays and focused afternoons: the rhythm of attention and online activity in the workplace, In: SIGCHI Conference on Human Factors in Computing Systems, Toronto, ON, Canada, pp. 3025–3034. ACM (2014)
Ugrin, J.C., Pearson, J.M.: The effects of sanctions and stigmas on cyberloafing. Comput. Hum. Behav. 29(3), 812–820 (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Warwick, W., Buchler, N., Marusich, L. (2019). An Integrated Model of Human Cyber Behavior. In: Cassenti, D. (eds) Advances in Human Factors in Simulation and Modeling. AHFE 2018. Advances in Intelligent Systems and Computing, vol 780. Springer, Cham. https://doi.org/10.1007/978-3-319-94223-0_28
Download citation
DOI: https://doi.org/10.1007/978-3-319-94223-0_28
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-94222-3
Online ISBN: 978-3-319-94223-0
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)