Measuring expertise and bias in cyber security using cognitive and neuroscience approaches

Daniel Krawczyk, James Bartlett, Murat Kantarcioglu, Kevin Hamlen, Bhavani Thuraisingham

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Citations (Scopus)

Abstract

Toward the ultimate goal of enhancing human performance in cyber security, we attempt to understand the cognitive components of cyber security expertise. Our initial focus is on cyber security attackers - often called 'hackers'. Our first aim is to develop behavioral measures of accuracy and response time to examine the cognitive processes of pattern-recognition, reasoning and decision-making that underlie the detection and exploitation of security vulnerabilities. Understanding these processes at a cognitive level will lead to theory development addressing questions about how cyber security expertise can be identified, quantified, and trained. In addition to behavioral measures our plan is to conduct a functional magnetic resonance imaging (fMRI) study of neural processing patterns that can differentiate persons with different levels of cyber security expertise. Our second aim is to quantitatively assess the impact of attackers' thinking strategies - conceptualized by psychologists as heuristics and biases - on their susceptibility to defensive techniques (e.g., 'decoys,' 'honeypots'). Honeypots are an established method to lure attackers into exploiting a dummy system containing misleading or false content, distracting their attention from genuinely sensitive information, and consuming their limited time and resources. We use the extensive research and experimentation that we have carried out to study the minds of successful chess players in order to study the minds of hackers with the ultimate goal of enhancing the security of current systems. This paper outlines our approach.

Original languageEnglish (US)
Title of host publicationIEEE ISI 2013 - 2013 IEEE International Conference on Intelligence and Security Informatics: Big Data, Emergent Threats, and Decision-Making in Security Informatics
Pages364-367
Number of pages4
DOIs
StatePublished - 2013
Event11th IEEE International Conference on Intelligence and Security Informatics, IEEE ISI 2013 - Seattle, WA, United States
Duration: Jun 4 2013Jun 7 2013

Other

Other11th IEEE International Conference on Intelligence and Security Informatics, IEEE ISI 2013
CountryUnited States
CitySeattle, WA
Period6/4/136/7/13

Fingerprint

Pattern recognition
Decision making
Processing
Magnetic Resonance Imaging

Keywords

  • chess expert
  • Cognitive newro science
  • cyber security
  • decoys
  • fMRI
  • hackers
  • honeypot

ASJC Scopus subject areas

  • Artificial Intelligence
  • Information Systems

Cite this

Krawczyk, D., Bartlett, J., Kantarcioglu, M., Hamlen, K., & Thuraisingham, B. (2013). Measuring expertise and bias in cyber security using cognitive and neuroscience approaches. In IEEE ISI 2013 - 2013 IEEE International Conference on Intelligence and Security Informatics: Big Data, Emergent Threats, and Decision-Making in Security Informatics (pp. 364-367). [6578859] https://doi.org/10.1109/ISI.2013.6578859

Measuring expertise and bias in cyber security using cognitive and neuroscience approaches. / Krawczyk, Daniel; Bartlett, James; Kantarcioglu, Murat; Hamlen, Kevin; Thuraisingham, Bhavani.

IEEE ISI 2013 - 2013 IEEE International Conference on Intelligence and Security Informatics: Big Data, Emergent Threats, and Decision-Making in Security Informatics. 2013. p. 364-367 6578859.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Krawczyk, D, Bartlett, J, Kantarcioglu, M, Hamlen, K & Thuraisingham, B 2013, Measuring expertise and bias in cyber security using cognitive and neuroscience approaches. in IEEE ISI 2013 - 2013 IEEE International Conference on Intelligence and Security Informatics: Big Data, Emergent Threats, and Decision-Making in Security Informatics., 6578859, pp. 364-367, 11th IEEE International Conference on Intelligence and Security Informatics, IEEE ISI 2013, Seattle, WA, United States, 6/4/13. https://doi.org/10.1109/ISI.2013.6578859
Krawczyk D, Bartlett J, Kantarcioglu M, Hamlen K, Thuraisingham B. Measuring expertise and bias in cyber security using cognitive and neuroscience approaches. In IEEE ISI 2013 - 2013 IEEE International Conference on Intelligence and Security Informatics: Big Data, Emergent Threats, and Decision-Making in Security Informatics. 2013. p. 364-367. 6578859 https://doi.org/10.1109/ISI.2013.6578859
Krawczyk, Daniel ; Bartlett, James ; Kantarcioglu, Murat ; Hamlen, Kevin ; Thuraisingham, Bhavani. / Measuring expertise and bias in cyber security using cognitive and neuroscience approaches. IEEE ISI 2013 - 2013 IEEE International Conference on Intelligence and Security Informatics: Big Data, Emergent Threats, and Decision-Making in Security Informatics. 2013. pp. 364-367
@inproceedings{4a937057d30d445ebde2b598f0215cc1,
title = "Measuring expertise and bias in cyber security using cognitive and neuroscience approaches",
abstract = "Toward the ultimate goal of enhancing human performance in cyber security, we attempt to understand the cognitive components of cyber security expertise. Our initial focus is on cyber security attackers - often called 'hackers'. Our first aim is to develop behavioral measures of accuracy and response time to examine the cognitive processes of pattern-recognition, reasoning and decision-making that underlie the detection and exploitation of security vulnerabilities. Understanding these processes at a cognitive level will lead to theory development addressing questions about how cyber security expertise can be identified, quantified, and trained. In addition to behavioral measures our plan is to conduct a functional magnetic resonance imaging (fMRI) study of neural processing patterns that can differentiate persons with different levels of cyber security expertise. Our second aim is to quantitatively assess the impact of attackers' thinking strategies - conceptualized by psychologists as heuristics and biases - on their susceptibility to defensive techniques (e.g., 'decoys,' 'honeypots'). Honeypots are an established method to lure attackers into exploiting a dummy system containing misleading or false content, distracting their attention from genuinely sensitive information, and consuming their limited time and resources. We use the extensive research and experimentation that we have carried out to study the minds of successful chess players in order to study the minds of hackers with the ultimate goal of enhancing the security of current systems. This paper outlines our approach.",
keywords = "chess expert, Cognitive newro science, cyber security, decoys, fMRI, hackers, honeypot",
author = "Daniel Krawczyk and James Bartlett and Murat Kantarcioglu and Kevin Hamlen and Bhavani Thuraisingham",
year = "2013",
doi = "10.1109/ISI.2013.6578859",
language = "English (US)",
isbn = "9781467362115",
pages = "364--367",
booktitle = "IEEE ISI 2013 - 2013 IEEE International Conference on Intelligence and Security Informatics: Big Data, Emergent Threats, and Decision-Making in Security Informatics",

}

TY - GEN

T1 - Measuring expertise and bias in cyber security using cognitive and neuroscience approaches

AU - Krawczyk, Daniel

AU - Bartlett, James

AU - Kantarcioglu, Murat

AU - Hamlen, Kevin

AU - Thuraisingham, Bhavani

PY - 2013

Y1 - 2013

N2 - Toward the ultimate goal of enhancing human performance in cyber security, we attempt to understand the cognitive components of cyber security expertise. Our initial focus is on cyber security attackers - often called 'hackers'. Our first aim is to develop behavioral measures of accuracy and response time to examine the cognitive processes of pattern-recognition, reasoning and decision-making that underlie the detection and exploitation of security vulnerabilities. Understanding these processes at a cognitive level will lead to theory development addressing questions about how cyber security expertise can be identified, quantified, and trained. In addition to behavioral measures our plan is to conduct a functional magnetic resonance imaging (fMRI) study of neural processing patterns that can differentiate persons with different levels of cyber security expertise. Our second aim is to quantitatively assess the impact of attackers' thinking strategies - conceptualized by psychologists as heuristics and biases - on their susceptibility to defensive techniques (e.g., 'decoys,' 'honeypots'). Honeypots are an established method to lure attackers into exploiting a dummy system containing misleading or false content, distracting their attention from genuinely sensitive information, and consuming their limited time and resources. We use the extensive research and experimentation that we have carried out to study the minds of successful chess players in order to study the minds of hackers with the ultimate goal of enhancing the security of current systems. This paper outlines our approach.

AB - Toward the ultimate goal of enhancing human performance in cyber security, we attempt to understand the cognitive components of cyber security expertise. Our initial focus is on cyber security attackers - often called 'hackers'. Our first aim is to develop behavioral measures of accuracy and response time to examine the cognitive processes of pattern-recognition, reasoning and decision-making that underlie the detection and exploitation of security vulnerabilities. Understanding these processes at a cognitive level will lead to theory development addressing questions about how cyber security expertise can be identified, quantified, and trained. In addition to behavioral measures our plan is to conduct a functional magnetic resonance imaging (fMRI) study of neural processing patterns that can differentiate persons with different levels of cyber security expertise. Our second aim is to quantitatively assess the impact of attackers' thinking strategies - conceptualized by psychologists as heuristics and biases - on their susceptibility to defensive techniques (e.g., 'decoys,' 'honeypots'). Honeypots are an established method to lure attackers into exploiting a dummy system containing misleading or false content, distracting their attention from genuinely sensitive information, and consuming their limited time and resources. We use the extensive research and experimentation that we have carried out to study the minds of successful chess players in order to study the minds of hackers with the ultimate goal of enhancing the security of current systems. This paper outlines our approach.

KW - chess expert

KW - Cognitive newro science

KW - cyber security

KW - decoys

KW - fMRI

KW - hackers

KW - honeypot

UR - http://www.scopus.com/inward/record.url?scp=84883357978&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84883357978&partnerID=8YFLogxK

U2 - 10.1109/ISI.2013.6578859

DO - 10.1109/ISI.2013.6578859

M3 - Conference contribution

AN - SCOPUS:84883357978

SN - 9781467362115

SP - 364

EP - 367

BT - IEEE ISI 2013 - 2013 IEEE International Conference on Intelligence and Security Informatics: Big Data, Emergent Threats, and Decision-Making in Security Informatics

ER -