Agent-Based Modelling for Security Risk Assessment

• Published in: Advances in Practical Applications of Cyber-Physical Multi-Agent Systems: The PAAMS Collection Vol. 10349; pp. 132 - 143
• Main Authors: Janssen, Stef, Sharpanskykh, Alexei
• Format: Book Chapter
• Language: English
• Published: Switzerland Springer International Publishing AG 2017; Springer International Publishing
• Series: Lecture Notes in Computer Science
• Subjects: False Positive Probability; Illustrative Case Study; Interarrival Time; Security Expert; Security Risk
• ISBN: 3319599291; 9783319599298
• ISSN: 0302-9743; 1611-3349
• DOI: 10.1007/978-3-319-59930-4_11

Security Risk Assessment is commonly performed by using traditional methods based on linear probabilistic tools and informal expert judgements. These methods lack the capability to take the inherent dynamic and intelligent nature of attackers into account. To partially address the limitations, researchers applied game theory to study security risks. However, these methods still rely on traditional methods to determine essential model parameters, such as payoff values. To overcome the limitations of traditional methods, we propose an approach which combines agent-based modelling with Monte Carlo simulations. Agent-based models allow more realistic representation of essential aspects and processes of socio-technical systems at cognitive, social and organisational levels. Such models can be used to estimate risks and parameters related to them. An application of the approach is illustrated by a case study of an airport security checkpoint.