Systems Dynamics Modeling for Evaluating Socio-Technical Vulnerabilities in Advanced Persistent Threats

Abstract

The paper focus on the application of Systems Dynamics Modelling (SDM) for simulating socio-technical vulnerabilities of Advanced Persistent Threats (APT) to unravel Human Computer Interaction (HCI) for strategic visibility of threat actors. SDM has been widely applied to analyze nonlinear, complex, and dynamic systems in social sciences and technology. However, its application in the cyber security domain especially APT that involve complex and dynamic human computer interaction is a promising but scant research domain. While HCI deals with the interaction between one or more humans and between one or more computers for greater usability, this same interactive process is exploited by the APT actor. In this respect, using a data breach case study, we applied the socio-technical vulnerabilities classification as a theoretical lens to model socio and technical vulnerabilities on systems dynamics using Vensim software. The variables leading to the breach were identified, entered into Vensim software, and simulated to get the results. The results demonstrated an optimal interactive mix of one or more of the six socio variables and three technical variables leading to the data breach. SDM approach thus provides insights into the dynamics of the threat as well as throw light on the strategies to undertake for minimizing APT risks. This can assist in the reduction of the attack surface and reinforce mitigation efforts (prior to exfiltration) should an APT attack occur. In this paper, we thus propose and validate the application of system dynamics approach for designing a dynamic threat assessment framework for socio-technical vulnerabilities of APT.