Unryderstanding the relationship between human behavior and susceptibility to cyber attacks: A data-driven approach

Michael Ovelgönne, Tudor Dumitras, B. Aditya Prakash, V. S. Subrahmanian, Benjamin Wang

Research output: Contribution to journalArticlepeer-review

34 Scopus citations


Despite growing speculation about the role of human behavior in cyber-security of machines, concrete datadriven analysis and evidence have been lacking. Using Symantec's WINE platform, we conduct a detailed study of 1.6 million machines over an 8-month period in order to learn the relationship between user behavior and cyber attacks against their personal computers. We classify users into 4 categories (gamers, professionals, software developers, and others, plus a fifth category comprising everyone) and identify a total of 7 features that act as proxies for human behavior. For each of the 35 possible combinations (5 categories times 7 features), we studied the relationship between each of these seven features and one dependent variable, namely the number of attempted malware attacks detected by Symantec on the machine. Our results show that there is a strong relationship between several features and the number of attempted malware attacks. Had these hosts not been protected by Symantec's anti-virus product or a similar product, they would likely have been infected. Surprisingly, our results show that software developers are more at risk of engaging in risky cyber-behavior than other categories.

Original languageEnglish (US)
Article number51
JournalACM Transactions on Intelligent Systems and Technology
Issue number4
StatePublished - Feb 2017
Externally publishedYes


  • Computer virus
  • Malware
  • User behavior

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Artificial Intelligence


Dive into the research topics of 'Unryderstanding the relationship between human behavior and susceptibility to cyber attacks: A data-driven approach'. Together they form a unique fingerprint.

Cite this