A behavioral theory of insider-threat risks: A system dynamics approach

Authors:
Ignacio J. Martinez-Moyano;Eliot Rich;Stephen Conrad;David F. Andersen;Thomas R. Stewart
Affiliations:
Argonne National Laboratory, Argonne, IL;University at Albany, State University of New York, Albany, NY;Sandia National Laboratories, Albuquerque, NM;University at Albany, State University of New York, Albany, NY;University at Albany, State University of New York, Albany, NY
Venue:
ACM Transactions on Modeling and Computer Simulation (TOMACS)
Year:
2008

Citing 2
Cited 5

Business Dynamics

Business Dynamics
Cutting Corners and Working Overtime: Quality Erosion in the Service Industry

Management Science

Modeling the emergence of insider threat vulnerabilities

Proceedings of the 38th conference on Winter simulation
Towards insider threat detection using web server logs

Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies
Developing insider attack detection model: a grounded approach

ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
MalPEFinder: fast and retrospective assessment of data breaches in malware attacks

Security and Communication Networks
Employing Dynamic Models to Enhance Corporate IT Security Policy

International Journal of Agent Technologies and Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

The authors describe a behavioral theory of the dynamics of insider-threat risks. Drawing on data related to information technology security violations and on a case study created to explain the dynamics observed in that data, the authors constructed a system dynamics model of a theory of the development of insider-threat risks and conducted numerical simulations to explore the parameter and response spaces of the model. By examining several scenarios in which attention to events, increased judging capabilities, better information, and training activities are simulated, the authors theorize about why information technology security effectiveness changes over time. The simulation results argue against the common presumption that increased security comes at the cost of reduced production.