Abstract
A 10-step process model to build attacker personas borrowed from user-centred design is proposed and applied to digital banking in this work, with a focus on the procedural approach. A data set of publicly available secondary data sources and grounded theory analysis are used to build a hypothesis (attacker taxonomy) to base the attacker personas on. Benefits of attacker personas, for example raising security awareness, are outlined as well as current drawbacks, like a lack of integration into the wider security management environment. Future research topics such as methodological advancement, stakeholder verification and collaboration are also mentioned.
| Original language | English |
|---|---|
| Title of host publication | NordiCHI '18 Proceedings of the 10th Nordic Conference on Human-Computer Interaction |
| Publisher | Association for Computing Machinery (ACM) |
| Pages | 892-897 |
| Number of pages | 6 |
| ISBN (Electronic) | 978-1-4503-6437-9 |
| DOIs | |
| Publication status | Published - 29 Sept 2018 |