The role of human factors in cybersecurity is an under-explored area that has a lot of potential towards mitigating attacks. As a result, an SLR that explored human factors in cybersecurity, focusing on phishing, revealed five key human factors that were persistent with phishing related attacks or issues. Based on the results of the SLR, further explorations into threat modelling were conducted to determine how to classify human factor related behaviour and the decisions that are likely behind them or lead towards human error. From here, this information was used to develop a human factor-centred threat model called STRIDE-HF that was implemented into a game called Another Week at the Office (AWATO). The results of further testing of AWATO revealed that is an effective tool for improving users awareness of good cybersecurity practices.
AWATO: A serious game to improve cybersecurity awareness / Ferro, L. S.; Marrella, A.; Catarci, T.; Sapio, F.; Parenti, A.; DE SANTIS, Matteo. - 13334:(2022), pp. 508-529. (Intervento presentato al convegno 4th International Conference on HCI in Games, HCI in Games 2022 Held as Part of the 24th HCI International Conference, HCII 2022 tenutosi a Virtual) [10.1007/978-3-031-05637-6_33].
AWATO: A serious game to improve cybersecurity awareness
Ferro L. S.;Marrella A.;Catarci T.;Sapio F.;Parenti A.;De Santis Matteo
2022
Abstract
The role of human factors in cybersecurity is an under-explored area that has a lot of potential towards mitigating attacks. As a result, an SLR that explored human factors in cybersecurity, focusing on phishing, revealed five key human factors that were persistent with phishing related attacks or issues. Based on the results of the SLR, further explorations into threat modelling were conducted to determine how to classify human factor related behaviour and the decisions that are likely behind them or lead towards human error. From here, this information was used to develop a human factor-centred threat model called STRIDE-HF that was implemented into a game called Another Week at the Office (AWATO). The results of further testing of AWATO revealed that is an effective tool for improving users awareness of good cybersecurity practices.File | Dimensione | Formato | |
---|---|---|---|
Ferro_Awato-Serious-Game_2022.pdf
solo gestori archivio
Note: Articolo principale
Tipologia:
Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
4.29 MB
Formato
Adobe PDF
|
4.29 MB | Adobe PDF | Contatta l'autore |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.