Cascade Cyber Risk Management for Password Spray Attacks: Adaptive Network Analysis of AI Coaching
摘要
This study presents an adaptive network-oriented modeling approach of analyzing and mitigating the risks associated with password spray attacks in organizational IT environments. Password spray attacks involve attempting a small set of commonly used passwords across many user accounts, exploiting weak authentication practices and avoiding typical lockout mechanisms. The designed network model captures both technical and cognitive processes, including system-level impacts such as excessive logging, CPU overload and account lockouts, alongside the mental model for decision-making and belief dynamics of employees. An AI Coach is incorporated into the model to support employee decision-making by its own (shared) mental model, monitoring for potential mistakes or omissions, and intervening with corrective insights only when these occur, providing perfect knowledge and insights while preserving the employee’s agency in taking action. Simulation results show how the interplay of human and AI-guided responses can mitigate risks, improve detection accuracy and reduce system strain during attacks. Two What-If analyses were conducted, one for when the employee acts independently without the AI Coach help and another where the AI Coach provides selective support, in order to explore how AI-assisted guidance influences the effectiveness of responses. The findings highlight the importance of integrating adaptive human-AI decision support into cyber risk management frameworks to effectively address evolving threats like password spray attacks.