TY - GEN
T1 - Oppositional Human Factors in Cybersecurity
T2 - 36th IEEE/ACM International Conference on Automated Software Engineering Workshops, ASEW 2021
AU - Ferguson-Walter, Kimberly J.
AU - Gutzwiller, Robert S.
AU - Scott, Dakota D.
AU - Johnson, Craig J.
N1 - Funding Information:
ACKNOWLEDGMENT The authors wish to thank the participants and researchers involved in the Tularosa Study. This work was funded by the Laboratory for Advanced Cybersecurity Research.
Publisher Copyright:
© 2021 IEEE.
PY - 2021
Y1 - 2021
N2 - The need for cyber defense research is growing as more cyber-attacks are directed at critical infrastructure and other sensitive networks. Traditionally, the focus has been on hardening system defenses. However, other techniques are being explored including cyber and psychological deception which aim to negatively impact the cognitive and emotional state of cyber attackers directly through the manipulation of network characteristics. In this study, we present a preliminary analysis of survey data collected following a controlled experiment in which over 130 professional red teamers participated in a network penetration task that included cyber deception and psychological deception manipulations [7]. Thematic and inductive analysis of previously un-analyzed open-ended survey responses revealed factors associated with affective states. These preliminary results are a first step in our analysis efforts and show that there are potentially several distinct dimensions of cyber-behavior that induce negative affective states in cyber attackers, which may serve as potential avenues for supplementing traditional cyber defense strategies.
AB - The need for cyber defense research is growing as more cyber-attacks are directed at critical infrastructure and other sensitive networks. Traditionally, the focus has been on hardening system defenses. However, other techniques are being explored including cyber and psychological deception which aim to negatively impact the cognitive and emotional state of cyber attackers directly through the manipulation of network characteristics. In this study, we present a preliminary analysis of survey data collected following a controlled experiment in which over 130 professional red teamers participated in a network penetration task that included cyber deception and psychological deception manipulations [7]. Thematic and inductive analysis of previously un-analyzed open-ended survey responses revealed factors associated with affective states. These preliminary results are a first step in our analysis efforts and show that there are potentially several distinct dimensions of cyber-behavior that induce negative affective states in cyber attackers, which may serve as potential avenues for supplementing traditional cyber defense strategies.
KW - Affect and Emotions
KW - Deception
KW - Human Factors
KW - Oppositional Human Factors
KW - Psychology
KW - Qualitative Data Analysis
UR - http://www.scopus.com/inward/record.url?scp=85125635364&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85125635364&partnerID=8YFLogxK
U2 - 10.1109/ASEW52652.2021.00040
DO - 10.1109/ASEW52652.2021.00040
M3 - Conference contribution
AN - SCOPUS:85125635364
T3 - Proceedings - 2021 36th IEEE/ACM International Conference on Automated Software Engineering Workshops, ASEW 2021
SP - 153
EP - 158
BT - Proceedings - 2021 36th IEEE/ACM International Conference on Automated Software Engineering Workshops, ASEW 2021
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 15 November 2021 through 19 November 2021
ER -