Human-related IT security: A reliability model for network and computer maintenance

Abstract

User vigilance and security awareness are two interrelated factors, which we often oversee and merely rely on the default configurations set by the related vendor. User-related mistakes can lead to serious threats to computerized systems. If not performed adequately, system maintenance tasks including backup, restore, patch, upgrade, and malconfigurations can create critical vulnerabilities throughout the Internet. This paper presents a numerical method to analyze the system availability and predict the cost of mistakes (or maloperations) done by users. A reliability-based impact analysis method with a concise formulation can help system administrators to easily capture the risks of human-rooted threats and take the necessary measures to mitigate them. The proposed work can be specially useful for the analysis of threats in social networks. Because social networks are more vulnerable in the sense that they connect a heavily crowded community with relatively low security-awareness, which encompasses a wide spectrum of user applications running on different platforms with different protection profiles. Due to the immense number of interconnections and highly improved communication infrastructures viruses/warms, popups, phishers, and Trojans can easily propagate to millions of users in a few milliseconds of time causing losses that are worth being aware. © 2015 Infonomics Society.