{"title":"SD-ABM-ISM:基于系统动力学和代理的综合建模框架,用于具有多行为体威胁动态的复杂信息系统中的信息安全管理","authors":"Navid Aftabi , Nima Moradi , Fatemeh Mahroo , Farhad Kianfar","doi":"10.1016/j.eswa.2024.125681","DOIUrl":null,"url":null,"abstract":"<div><div>The increasing complexity and dynamic nature of modern Information Systems (IS) and evolving cybersecurity threats pose significant challenges for organizations in managing information security. Traditional methods often focus on isolated security aspects, failing to capture the intricate interdependencies between internal and external threats, vulnerabilities, and defensive strategies. These limitations necessitate a holistic approach that can comprehensively model and analyze the interactions within IS environments. Motivated to address these research gaps, we developed SD-ABM-ISM, a multi-method framework integrating System Dynamics (SD) and Agent-Based Modeling (ABM). This framework is designed to capture the complex dynamics of IS, incorporating insider and outsider threats and their interactions with defensive measures. SD-ABM-ISM enables an in-depth examination of how various threat actors impact security outcomes and how proactive and reactive investment strategies influence the resilience of the IS. The proposed framework provides a unique approach to understanding multi-actor threat dynamics and their effect on IS over time, facilitating informed decision-making for security investments. The framework offers a robust tool for security decision-makers, enabling organizations to align their security strategies with the evolving threat surface and enhance their resilience against cyberattacks. The detailed simulation and statistical analysis identify the influential elements in the IS over time, highlighting the impact of interactions between insider threats, outsider threats, and the IS itself in an environment characterized by high uncertainty and diverse threat behaviors. The insights from these interactions demonstrate how coordinated threats from multiple actors can amplify vulnerabilities while effective security measures can mitigate these risks. Considering proactive and reactive security investment strategies, SD-ABM-ISM provides a dynamic and cost-effective security investment strategy to protect IS from adversaries with various behaviors.</div></div>","PeriodicalId":50461,"journal":{"name":"Expert Systems with Applications","volume":"263 ","pages":"Article 125681"},"PeriodicalIF":7.5000,"publicationDate":"2024-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"SD-ABM-ISM: An integrated system dynamics and agent-based modeling framework for information security management in complex information systems with multi-actor threat dynamics\",\"authors\":\"Navid Aftabi , Nima Moradi , Fatemeh Mahroo , Farhad Kianfar\",\"doi\":\"10.1016/j.eswa.2024.125681\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The increasing complexity and dynamic nature of modern Information Systems (IS) and evolving cybersecurity threats pose significant challenges for organizations in managing information security. Traditional methods often focus on isolated security aspects, failing to capture the intricate interdependencies between internal and external threats, vulnerabilities, and defensive strategies. These limitations necessitate a holistic approach that can comprehensively model and analyze the interactions within IS environments. Motivated to address these research gaps, we developed SD-ABM-ISM, a multi-method framework integrating System Dynamics (SD) and Agent-Based Modeling (ABM). This framework is designed to capture the complex dynamics of IS, incorporating insider and outsider threats and their interactions with defensive measures. SD-ABM-ISM enables an in-depth examination of how various threat actors impact security outcomes and how proactive and reactive investment strategies influence the resilience of the IS. The proposed framework provides a unique approach to understanding multi-actor threat dynamics and their effect on IS over time, facilitating informed decision-making for security investments. The framework offers a robust tool for security decision-makers, enabling organizations to align their security strategies with the evolving threat surface and enhance their resilience against cyberattacks. The detailed simulation and statistical analysis identify the influential elements in the IS over time, highlighting the impact of interactions between insider threats, outsider threats, and the IS itself in an environment characterized by high uncertainty and diverse threat behaviors. The insights from these interactions demonstrate how coordinated threats from multiple actors can amplify vulnerabilities while effective security measures can mitigate these risks. Considering proactive and reactive security investment strategies, SD-ABM-ISM provides a dynamic and cost-effective security investment strategy to protect IS from adversaries with various behaviors.</div></div>\",\"PeriodicalId\":50461,\"journal\":{\"name\":\"Expert Systems with Applications\",\"volume\":\"263 \",\"pages\":\"Article 125681\"},\"PeriodicalIF\":7.5000,\"publicationDate\":\"2024-11-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Expert Systems with Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S095741742402548X\",\"RegionNum\":1,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Expert Systems with Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S095741742402548X","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}
引用次数: 0
摘要
现代信息系统(IS)的复杂性和动态性不断增加,网络安全威胁也在不断演变,这给企业的信息安全管理带来了巨大挑战。传统方法通常只关注孤立的安全方面,无法捕捉内部和外部威胁、漏洞和防御策略之间错综复杂的相互依存关系。由于这些局限性,需要一种能够全面模拟和分析信息系统环境内部交互作用的整体方法。为了填补这些研究空白,我们开发了 SD-ABM-ISM,这是一种集成系统动力学(SD)和基于代理的建模(ABM)的多方法框架。该框架旨在捕捉 IS 的复杂动态,将内部和外部威胁及其与防御措施之间的相互作用纳入其中。通过 SD-ABM-ISM,可以深入研究各种威胁行为体如何影响安全结果,以及主动和被动投资策略如何影响 IS 的复原力。所提出的框架提供了一种独特的方法,可用于了解多行为体威胁动态及其对 IS 的长期影响,从而促进做出明智的安全投资决策。该框架为安全决策者提供了一个强大的工具,使组织能够根据不断变化的威胁面调整其安全策略,并增强其抵御网络攻击的能力。详细的模拟和统计分析确定了随着时间推移 IS 中的影响因素,突出了在高度不确定性和威胁行为多样化的环境中,内部威胁、外部威胁和 IS 本身之间相互作用的影响。从这些相互作用中获得的启示表明,来自多个行为者的协同威胁会扩大漏洞,而有效的安全措施则可以降低这些风险。考虑到主动和被动的安全投资策略,SD-ABM-ISM 提供了一种动态和具有成本效益的安全投资策略,以保护 IS 不受具有各种行为的对手的攻击。
SD-ABM-ISM: An integrated system dynamics and agent-based modeling framework for information security management in complex information systems with multi-actor threat dynamics
The increasing complexity and dynamic nature of modern Information Systems (IS) and evolving cybersecurity threats pose significant challenges for organizations in managing information security. Traditional methods often focus on isolated security aspects, failing to capture the intricate interdependencies between internal and external threats, vulnerabilities, and defensive strategies. These limitations necessitate a holistic approach that can comprehensively model and analyze the interactions within IS environments. Motivated to address these research gaps, we developed SD-ABM-ISM, a multi-method framework integrating System Dynamics (SD) and Agent-Based Modeling (ABM). This framework is designed to capture the complex dynamics of IS, incorporating insider and outsider threats and their interactions with defensive measures. SD-ABM-ISM enables an in-depth examination of how various threat actors impact security outcomes and how proactive and reactive investment strategies influence the resilience of the IS. The proposed framework provides a unique approach to understanding multi-actor threat dynamics and their effect on IS over time, facilitating informed decision-making for security investments. The framework offers a robust tool for security decision-makers, enabling organizations to align their security strategies with the evolving threat surface and enhance their resilience against cyberattacks. The detailed simulation and statistical analysis identify the influential elements in the IS over time, highlighting the impact of interactions between insider threats, outsider threats, and the IS itself in an environment characterized by high uncertainty and diverse threat behaviors. The insights from these interactions demonstrate how coordinated threats from multiple actors can amplify vulnerabilities while effective security measures can mitigate these risks. Considering proactive and reactive security investment strategies, SD-ABM-ISM provides a dynamic and cost-effective security investment strategy to protect IS from adversaries with various behaviors.
期刊介绍:
Expert Systems With Applications is an international journal dedicated to the exchange of information on expert and intelligent systems used globally in industry, government, and universities. The journal emphasizes original papers covering the design, development, testing, implementation, and management of these systems, offering practical guidelines. It spans various sectors such as finance, engineering, marketing, law, project management, information management, medicine, and more. The journal also welcomes papers on multi-agent systems, knowledge management, neural networks, knowledge discovery, data mining, and other related areas, excluding applications to military/defense systems.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
