| dc.description.abstract | In an era where software and system architectures grow increasingly complex and globally interconnected, the challenge of safeguarding against malicious actors becomes ever more daunting. This dissertation unveils the subtle yet significant role human behavior plays in compromising cybersecurity, even under rigorous security protocols. Through a meticulously designed experiment involving multi-factor authentication (MFA) step-up requests sent to 1,000 users, we uncovered a startling vulnerability: 7% of users, despite clear indications of potential credential compromise, proceeded to accept these step-up prompts, exposing a critical flaw in user response mechanisms to security breaches.
Building on these findings, this work introduces a novel, lightweight enrollment protocol tailored for web-based systems, specifically engineered to diminish the effectiveness of attacks leveraging stolen credentials. Furthermore, we explore the cutting-edge application of large language models (LLMs) in reinforcing cybersecurity measures. Our research presents pioneering efforts in utilizing LLMs to augment tabletop exercises and incident response planning, demonstrating their potential to significantly enhance the strategic and operational aspects of cybersecurity defense mechanisms.
By integrating empirical evidence with innovative technological solutions, this dissertation not only highlights the underestimated impact of human factors on security failures but also proposes a multifaceted approach to mitigate these vulnerabilities. Through the development and implementation of advanced protocols and AI-augmented processes, we aim to bridge the gap between human frailty and cybersecurity resilience, charting a path forward for the creation of more secure and robust systems. This research contributes a critical perspective to the cybersecurity discourse, advocating for a holistic approach that addresses both technological and human dimensions of cybersecurity challenges | |
