Source of Publication
International Journal of Information Security and Privacy
Cyber-attacks targeting high-profile entities are focused, persistent, and employ common vectors with varying levels of sophistication to exploit social-technical vulnerabilities. Advanced persistent threats (APTs) deploy zero-day malware against such targets to gain entry through multiple security layers, exploiting the dynamic interplay of vulnerabilities in the target network. System dynamics (SD) offers an alternative approach to analyze non-linear, complex, and dynamic social-technical systems. This research applied SD to three high-profile APT attacks - Equifax, Carphone, and Zomato - to identify and simulate socio-technical variables leading to breaches. By modeling APTs using SD, managers can evaluate threats, predict attacks, and reduce damage by mitigating specific socio-technical cues. This study provides valuable insights into the dynamics of cyber threats, making it the first to apply SD to APTs.
Advanced Persistent Threats, Cyberattacks, Cyberthreats, Data breach, Systems dynamics
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Nicho, Mathew; McDermott, Christopher D.; Fakhry, Hussein; and Girija, Shini, "A System Dynamics Approach to Evaluate Advanced Persistent Threat Vectors" (2023). All Works. 5906.
Indexed in Scopus
Open Access Type
Hybrid: This publication is openly available in a subscription-based journal/series