Incorporating Human Factors in Cyber Threat Modeling: A Systematic Review
Abstract
Cyber threat modeling is an extensively researched process used to identify the technical attack possibilities for a variety of computer networks. Threat modeling can be conducted via formal/mathematical and graphical models or through human red teams conducting on-network attacks. In both cases, the focus is typically on the technical requirements and capabilities of a potential threat rather than on understanding the impact that human factors, particularly behavior, have on the way an attacker might engage with a targeted network. This work conducted a systematic review (n = 914 reviewed, n = 21 included) to identify how existing threat models represent the human factors that impact adversary engagements on computer networks. The review identified 21 peer-reviewed journal or conference papers published in English between January 2010 and February 2026 looking at human factors and threat modeling. After conducting an analysis of consistent themes within the published works, this paper proposes a consolidated human factors model based on the results from the 21 included papers, which can be utilized to complement technical threat models with the behaviors and responses that human attackers might display when attacking a targeted network or system.