DAMOCLES

Detection And Mitigation Of Cyber attacks that exploit human vuLnerabilitiES

PRIN: PROGETTI DI RICERCA DI RILEVANTE INTERESSE NAZIONALE – Bando 2022 PNRR

The DAMOCLES research project aims at providing a framework for the digital defense of Italian PAs from security incidents caused by human errors. This is achieved by applying vulnerability assessment and mitigation techniques tailored to employees’ behavior. The framework is grounded on two main pillars: the Human Vulnerability Assessment (HVA) and Human Vulnerability Mitigation (HVM).

The HVA leverages three different activities, namely prevention, detection, and simulation. They support the identification of human factors (e.g., behaviors, knowledge, skills, preferences) that can result in human incidents on different aspects of cybersecurity and that can make users, and thus the entire PA, more vulnerable. Prevention is carried out through questionnaires that identify wrong user behaviors causing human incidents and their degree of severity. Detection is performed by executing safe tests of cyber-attacks inside the PA, to monitor employees' responses to the threats they are most vulnerable to (e.g., sending them safe phishing emails to monitor how they react). Simulation is performed by means of Digital Twins (DT) of the employees, which mirror their behaviors, allowing the identification of cybersecurity threats its physical counterpart may be most susceptible to.

The HVM starts from the results of the HVA to educate the employees according to the vulnerabilities they are more likely to be exposed to. Specifically, customized training programs will teach users to avoid wrong behaviors in cyber contexts. Different training approaches will be adopted to improve the effectiveness of the HVM phase, for example, podcasts, video tutorials, role-playing games that simulate attacks from which the players have to defend, and messages embedded in working software.

The project started on 30 November 2023 and will last for two years.