Cyber expert feedback: Experiences, expectations, and opinions about cyber deception

Kimberly J. Ferguson-Walter, Maxine M. Major, Chelsea K. Johnson, Craig J. Johnson, Dakota D. Scott, Robert S. Gutzwiller, Temmie Shade

Research output: Contribution to journalArticlepeer-review

12 Scopus citations

Abstract

Human behavior is a critical, yet under-studied topic in cybersecurity. Among the techniques used for cyber defense, for cyber deception, a better understanding of human perception and behavior is crucial. To this point, the current study used a custom Deception Questionnaire to assess perceptions of cyber deception among experts. In this paper, we use a qualitative thematic analysis over the questionnaire responses, which provides a rich insight into the decision-making process of cyber attackers. Results reveal that experts were unlikely to expect deception, and upon encountering potential deception, a subset of attackers would increase and others decrease their attack activity in response. This work augments prior qualitative analyses indicating that cyber deception creates a psychological impact and behavioral change in cyber attackers. Results support the psychological impact and efficacy of deception to deter malicious actors and provide insights about how defenders might utilize deceptive strategies.

Original languageEnglish (US)
Article number103268
JournalComputers and Security
Volume130
DOIs
StatePublished - Jul 2023

Keywords

  • Cyber attack
  • Cyber security
  • Deception
  • Decision-making biases
  • Human behavior
  • Thematic analysis

ASJC Scopus subject areas

  • General Computer Science
  • Law

Fingerprint

Dive into the research topics of 'Cyber expert feedback: Experiences, expectations, and opinions about cyber deception'. Together they form a unique fingerprint.

Cite this