TY - JOUR
T1 - Mitigating Malicious Insider Threats to Common Data Environments in the Architecture, Engineering, and Construction Industry
T2 - An Incomplete Information Game Approach
AU - Lalropuia, K. C.
AU - Goyal, Sanjeev
AU - García de Soto, Borja
AU - Yao, Dongchi
AU - Sonkor, Muammer Semih
N1 - Publisher Copyright:
© 2025 by the authors.
PY - 2025/3
Y1 - 2025/3
N2 - Common data environments (CDEs) are centralized repositories in the architecture, engineering, and construction (AEC) industry designed to improve collaboration and project efficiency. However, CDEs hosted on cloud platforms face significant risks from insider threats, as stakeholders with legitimate access may act maliciously. To address these vulnerabilities, we developed a game-theoretic framework using Bayesian games that account for incomplete information, modeling both simultaneous and sequential interactions between insiders and data defenders. In the simultaneous move game, insiders and defenders act without prior knowledge of each other’s decisions, while the sequential game allows the defender to respond after observing insider actions. Our analysis used Bayesian Nash Equilibrium to predict malicious insider behavior and identify optimal defense strategies for safeguarding CDE data. Through simulation experiments and validation with real project data, we illustrate how various parameters affect insider–defender dynamics. Our results provide insights into effective cybersecurity strategies tailored to the AEC sector, bridging theoretical models with practical applications and supporting data security within the increasingly digitalized construction industry.
AB - Common data environments (CDEs) are centralized repositories in the architecture, engineering, and construction (AEC) industry designed to improve collaboration and project efficiency. However, CDEs hosted on cloud platforms face significant risks from insider threats, as stakeholders with legitimate access may act maliciously. To address these vulnerabilities, we developed a game-theoretic framework using Bayesian games that account for incomplete information, modeling both simultaneous and sequential interactions between insiders and data defenders. In the simultaneous move game, insiders and defenders act without prior knowledge of each other’s decisions, while the sequential game allows the defender to respond after observing insider actions. Our analysis used Bayesian Nash Equilibrium to predict malicious insider behavior and identify optimal defense strategies for safeguarding CDE data. Through simulation experiments and validation with real project data, we illustrate how various parameters affect insider–defender dynamics. Our results provide insights into effective cybersecurity strategies tailored to the AEC sector, bridging theoretical models with practical applications and supporting data security within the increasingly digitalized construction industry.
KW - AEC industry
KW - Bayesian game theory
KW - Monte Carlo simulation
KW - common data environment (CDE)
KW - cybersecurity insider threats
UR - http://www.scopus.com/inward/record.url?scp=105000925847&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=105000925847&partnerID=8YFLogxK
U2 - 10.3390/jcp5010005
DO - 10.3390/jcp5010005
M3 - Article
AN - SCOPUS:105000925847
SN - 2624-800X
VL - 5
JO - Journal of Cybersecurity and Privacy
JF - Journal of Cybersecurity and Privacy
IS - 1
M1 - 5
ER -