Quantitative security metrics with human in the loop

Mohammad Noureddine, Ken Keefe, William H. Sanders, Masooda Bashir

Research output: Chapter in Book/Report/Conference proceedingConference contribution


The human factor is often regarded as the weakest link in cybersecurity systems. The investigation of several security breaches reveals an important impact of human errors in exhibiting security vulnerabilities. Although security researchers have long observed the impact of human behavior, few improvements have been made in designing secure systems that are resilient to the uncertainties of the human element. In this work, we summarize the state of the art work in human cybersecurity research, and present the Human-Influenced Task-Oriented (HITOP) formalism for modeling human decisions in security systems. We also provide a roadmap for future research. We aim at developing a simulation tool that allows modeling and analysis of security systems in light of the uncertainties of human behavior.

Original languageEnglish (US)
Title of host publicationProceedings of the 2015 Symposium and Bootcamp on the Science of Security, HotSoS 2015
PublisherAssociation for Computing Machinery
ISBN (Electronic)9781450333764
StatePublished - Apr 21 2015
EventSymposium and Bootcamp on the Science of Security, HotSoS 2015 - Urbana, United States
Duration: Apr 21 2015Apr 22 2015

Publication series

NameACM International Conference Proceeding Series


OtherSymposium and Bootcamp on the Science of Security, HotSoS 2015
Country/TerritoryUnited States


  • Human models
  • Quantitative security metrics
  • Security modeling

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Vision and Pattern Recognition
  • Computer Networks and Communications


Dive into the research topics of 'Quantitative security metrics with human in the loop'. Together they form a unique fingerprint.

Cite this