Applying system dynamics to model advanced persistent threats

Author First name, Last name, Institution

Mathew Nicho, Zayed University
Hussein Fakhry, Zayed University

Document Type

Conference Proceeding

Source of Publication

ACM International Conference Proceeding Series

Publication Date

10-8-2019

Abstract

© 2019 Association for Computing Machinery. The system dynamics (SD) concept has been successfully applied to analyze issues that are non-linear, complex, and dynamic in disciplines, namely the social sciences and technology. However, its application to cyber security issues, especially threats that involve multiple variables interacting with the technical as well as the organizational domain, is lacking. In this respect, an Advanced Persistent Threat (APT) is regarded as a highly targeted and sophisticated attack that uses zero-day malware, stealth, and multiple advanced techniques to gain entry and maintain its presence inside an organizational network unnoticed. Because it is a threat that exploits technical as well as organizational vulnerabilities, preventing it at the security perimeter and detecting it once it enters the system remain a challenge to date. To demonstrate the application of SD in identifying and analyzing the effect of each of the variables, we took the Equinox data breach as a case study. The variables leading to the breach were identified, entered into Vensim software, and simulated to get the results. Through this exercise, we could identify seven key independent management variables for technical security and three key independent variables for records breach. As this research is the foremost study to apply SD to APT, we presume that, by modelling APT attacks using SD through a case study, this paper provides insights into the dynamics of the threat. Furthermore, it suggests 'what if' strategies to minimize APT risks and thereby reduce the extent of damage should an APT attack occur.

ISBN

9781450376396

Publisher

Association for Computing Machinery

First Page

29

Last Page

33

Disciplines

Computer Sciences

Keywords

Advanced persistent threats, Cyber-threats, Data breach, Systems dynamic

Scopus ID

85082516498

Indexed in Scopus

yes

Open Access

no
