Browse by author
Lookup NU author(s): Peter Carmichael, Dr Charles Morisset
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License (CC BY-NC 4.0).
© Springer International Publishing AG 2018. In general, in order to predict the impact of human behaviour on the security of an organisation, one can either build a classifier from actual traces observed within the organisation, or build a formal model, integrating known existing behavioural elements. Whereas the former approach can be costly and time-consuming, and it can be complicated to select the best classifier, it can be equally complicated to select the right parameters for a concrete setting in the latter approach. In this paper, we propose a methodical assessment of decision trees to predict the impact of human behaviour on the security of an organisation, by learning them from different sets of traces generated by a formal probabilistic model we designed. We believe this approach can help a security practitioner understand which features to consider before observing real traces from an organisation, and understand the relationship between the complexity of the behaviour model and the accuracy of the decision tree. In particular, we highlight the impact of the norm and messenger effects, which are well-known influencers, and therefore the crucial importance to capture observations made by the agents. We demonstrate this approach with a case study around tailgating. A key result from this work shows that probabilistic behaviour and influences reduce the effectiveness of decision trees and, importantly, they impact a model differently with regards to error rate, precision and recall.
Author(s): Carmichael P, Morisset C
Editor(s): Cerone A; Roveri M
Publication type: Conference Proceedings (inc. Abstract)
Publication status: Published
Conference Name: Software Engineering and Formal Methods (SEFM 2017)
Year of Conference: 2018
Pages: 56-71
Online publication date: 02/02/2018
Acceptance date: 02/04/2016
Date deposited: 12/04/2018
ISSN: 0302-9743
Publisher: Springer Verlag
URL: https://doi.org/10.1007/978-3-319-74781-1_5
DOI: 10.1007/978-3-319-74781-1_5
Library holdings: Search Newcastle University Library for this item
Series Title: Lecture Notes in Computer Science
ISBN: 9783319747804
