Name
Title | ||
|---|---|---|
Measuring expertise and bias in cyber security using cognitive and neuroscience approaches |
Abstract | ||
|---|---|---|
Toward the ultimate goal of enhancing human performance in cyber security, we attempt to understand the cognitive components of cyber security expertise. Our initial focus is on cyber security attackers - often called “hackers”. Our first aim is to develop behavioral measures of accuracy and response time to examine the cognitive processes of pattern-recognition, reasoning and decision-making that underlie the detection and exploitation of security vulnerabilities. Understanding these processes at a cognitive level will lead to theory development addressing questions about how cyber security expertise can be identified, quantified, and trained. In addition to behavioral measures our plan is to conduct a functional magnetic resonance imaging (fMRI) study of neural processing patterns that can differentiate persons with different levels of cyber security expertise. Our second aim is to quantitatively assess the impact of attackers' thinking strategies - conceptualized by psychologists as heuristics and biases - on their susceptibility to defensive techniques (e.g., “decoys,” “honeypots”). Honeypots are an established method to lure attackers into exploiting a dummy system containing misleading or false content, distracting their attention from genuinely sensitive information, and consuming their limited time and resources. We use the extensive research and experimentation that we have carried out to study the minds of successful chess players in order to study the minds of hackers with the ultimate goal of enhancing the security of current systems. This paper outlines our approach. |
Year | DOI | Venue |
|---|---|---|
2013 | 10.1109/ISI.2013.6578859 | Intelligence and Security Informatics |
Keywords | Field | DocType |
biomedical MRI,cognition,decision making,neurophysiology,pattern recognition,psychology,security of data,accuracy behavioral measures,attackers thinking strategies,cognitive science,cyber security attackers,cyber security expertise,decision-making,defensive techniques susceptibility,dummy system,fMRI study,functional magnetic resonance imaging,hackers,honeypots,neural processing patterns,neuroscience,pattern-recognition,psychologists,reasoning,response time behavioral measures,security enhancement,security vulnerability detection,security vulnerability exploitation,successful chess players minds,theory development,Cognitive newro science,chess expert,cyber security,decoys,fMRI,hackers,honeypot | Honeypot,Data mining,Neural processing,Computer science,Computer security,Hacker,Heuristics,Cognition,Information sensitivity,Development theory,Vulnerability | Conference |
ISBN | Citations | PageRank |
978-1-4673-6214-6 | 1 | 0.35 |
References | Authors | |
1 | 4 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Krawczyk, D. | 1 | 1 | 0.35 |
| Bartlett, J. | 2 | 1 | 0.35 |
| Murat Kantarcioglu | 3 | 2470 | 168.03 |
| Hamlen, K. | 4 | 1 | 0.35 |