Abstract
A 10-step process model to build attacker personas borrowed from user-centred design is proposed and applied to digital banking in this work, with a focus on the procedural approach. A data set of publicly available secondary data sources and grounded theory analysis are used to build a hypothesis (attacker taxonomy) to base the attacker personas on. Benefits of attacker personas, for example raising security awareness, are outlined as well as current drawbacks, like a lack of integration into the wider security management environment. Future research topics such as methodological advancement, stakeholder verification and collaboration are also mentioned.
Original language | English |
---|---|
Title of host publication | NordiCHI '18 Proceedings of the 10th Nordic Conference on Human-Computer Interaction |
Publisher | Association for Computing Machinery (ACM) |
Pages | 892-897 |
Number of pages | 6 |
ISBN (Electronic) | 978-1-4503-6437-9 |
DOIs | |
Publication status | Published - 29 Sept 2018 |