<p>Modern organizations increasingly face cybersecurity incidents driven by human behaviour rather than technical failures. To address this, we propose BioEnvSense, a context-aware human-centred security framework that fuses soft biometric and environmental sensing to estimate user’s physiological and cognitive states in real time. At the core of the framework is a subject-independent risk inference engine, implemented as a hybrid CNN-LSTM model, selected for its suitability for low-latency IoT edge deployment. The CNN component extracts spatial patterns from multimodal sensor data, while the LSTM captures the temporal dynamics of human error susceptibility. The model achieves 84% accuracy, demonstrating the feasibility of detecting proxy states of physiological and environmental conditions associated with elevated cyber risk. By enabling continuous monitoring and adaptive safeguards, the framework provides a foundation for proactive interventions; empirical validation against real-world incident data remains a primary direction for future work.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

BioEnvSense: a human-centred security framework for preventing behaviour-driven cyber incidents

  • Duy Anh Ta,
  • Farnaz Farid,
  • Farhad Ahamed,
  • Ala Al-Areqi,
  • Robert Beutel,
  • Tamara Watson,
  • Alana Maurushat

摘要

Modern organizations increasingly face cybersecurity incidents driven by human behaviour rather than technical failures. To address this, we propose BioEnvSense, a context-aware human-centred security framework that fuses soft biometric and environmental sensing to estimate user’s physiological and cognitive states in real time. At the core of the framework is a subject-independent risk inference engine, implemented as a hybrid CNN-LSTM model, selected for its suitability for low-latency IoT edge deployment. The CNN component extracts spatial patterns from multimodal sensor data, while the LSTM captures the temporal dynamics of human error susceptibility. The model achieves 84% accuracy, demonstrating the feasibility of detecting proxy states of physiological and environmental conditions associated with elevated cyber risk. By enabling continuous monitoring and adaptive safeguards, the framework provides a foundation for proactive interventions; empirical validation against real-world incident data remains a primary direction for future work.