A human-in-the-loop approach to understanding situation awareness in cyber defence analysis

Tyworth, Michael; Giacobe, Nicklaus A.; Mancuso, Vincent; McNeese, Michael D.; Hall, David L.

doi:10.4108/trans.sesa.01-06.2013.e6

Cited by 16 publications

(15 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Similar findings were also found by Brustoloni and Villamarín-Salomón (2007). Responding to novel and anomalous activities are aspects of situational awareness, and key for detecting phishing attempts in a cyber or network systems (D'Amico et al, 2005;Barford, 2010;Dutt et al, 2013;Knott et al, 2013;Tyworth et al, 2013;Mancuso et al, 2014;Aggarwal et al, 2018;Veksler et al, 2018). Software engineers should develop attention-capturing security warnings and not standard message dialogs, and these also should change over time in order to increase alertness and attention in computer system users.…”

Section: Improving Security Behaviours Using Psychological Methodsmentioning

confidence: 65%

“…Most of the research on cybersecurity has focused on improving computer network systems (Nobles, 2018), as many believe that information technology advances and software development is the main way to increase information security (Sadkhan, 2019;Benson and Mcalaney, 2020). Fewer studies have been conducted on enhancing cognitive capabilities and situational awareness of system analysts (D'Amico et al, 2005;Barford, 2010;Dutt et al, 2013;Knott et al, 2013;Tyworth et al, 2013;Mancuso et al, 2014;Gutzwiller et al, 2015;Aggarwal et al, 2018;Veksler et al, 2018).…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

The Role of User Behaviour in Improving Cyber Security Management

2021

View full text Add to dashboard Cite

Information security has for long time been a field of study in computer science, software engineering, and information communications technology. The term ‘information security’ has recently been replaced with the more generic term cybersecurity. The goal of this paper is to show that, in addition to computer science studies, behavioural sciences focused on user behaviour can provide key techniques to help increase cyber security and mitigate the impact of attackers’ social engineering and cognitive hacking methods (i.e., spreading false information). Accordingly, in this paper, we identify current research on psychological traits and individual differences among computer system users that explain vulnerabilities to cyber security attacks and crimes. Our review shows that computer system users possess different cognitive capabilities which determine their ability to counter information security threats. We identify gaps in the existing research and provide possible psychological methods to help computer system users comply with security policies and thus increase network and information security.

show abstract

Section: Improving Security Behaviours Using Psychological Methodsmentioning

confidence: 65%

Section: Introductionmentioning

confidence: 99%

The Role of User Behaviour in Improving Cyber Security Management

2021

View full text Add to dashboard Cite

show abstract

“… Dourish et al (2004) argue that security solutions should consider specific interactions factors that could improve human’s using of computers ( Figure 4 ). Both Haack et al (2009) and Tyworth et al (2013) make a case for mixed-initiative cyber security where the focus is put on humans-in-the-loop, i.e., the human ( Section 3 ) and the cyber system ( Section 4 ) working together toward usability. This humans-in-the-loop concept is more commonly referred to as orchestration, where the aim is to make all levels of user feel comfortable to interact with the system.…”

Section: Usabilitymentioning

confidence: 99%

User, Usage and Usability: Redefining Human Centric Cyber Security

Grobler¹,

Gaire²,

Nepal³

2021

Front. Big Data

View full text Add to dashboard Cite

The effectiveness of cyber security measures are often questioned in the wake of hard hitting security events. Despite much work being done in the field of cyber security, most of the focus seems to be concentrated on system usage. In this paper, we survey advancements made in the development and design of the human centric cyber security domain. We explore the increasing complexity of cyber security with a wider perspective, defining user, usage and usability (3U’s) as three essential components for cyber security consideration, and classify developmental efforts through existing research works based on the human centric security design, implementation and deployment of these components. Particularly, the focus is on studies that specifically illustrate the shift in paradigm from functional and usage centred cyber security, to user centred cyber security by considering the human aspects of users. The aim of this survey is to provide both users and system designers with insights into the workings and applications of human centric cyber security.

show abstract

“…Cyber operations exist within a complex system of humanmachine interaction, where operators are tasked with monitoring the activities, efficacy, and progress of intelligent and autonomous computer systems (Tyworth et al, 2013). In these environments, cyber operators supervise intelligent systems as they execute tasks across networks.…”

Section: Introductionmentioning

confidence: 99%

“…Current research has focused on identifying important dimensions of cognition within cyber operations, such as situation awareness (Giacobe, 2012), team knowledge structures (Mancuso & McNeese, 2012), and team collaboration (Rajivan et al, 2013). However, little research has focused explicitly on specific issues related to task load and operations management -classic Human Factors research vectors.Cyber operations exist within a complex system of humanmachine interaction, where operators are tasked with monitoring the activities, efficacy, and progress of intelligent and autonomous computer systems (Tyworth et al, 2013). In these environments, cyber operators supervise intelligent systems as they execute tasks across networks.…”

mentioning

confidence: 99%

Capturing Performance in Cyber Human Supervisory Control

Mancuso¹,

Funke

Strang

et al. 2015

Proceedings of the Human Factors and Ergonomics Society Annual

Self Cite

View full text Add to dashboard Cite

Modern cyber operations require operators to maintain supervisory control of remote computer agents. A current operational concern is the number of agents an operator can control at once. This type of task resonates with similar Human Supervisory Control (HSC) research that has been conducted in environments such as Unmanned Aerial Vehicle operations. Within the relevant literature, there has been limited discussion of cyber-HSC, and no available experimental research. In this paper, we present an initial exploration cyber-HSC. Using the BOARD 1.5 Simulation, we manipulated the number of autonomous assets accessible to a human operator. We expected that as the number of autonomous agents available increased, we would observe concomitant changes in human performance and cognition. However, our results indicated that participants' overall span-of-control did not vary with additional agents. Our findings highlight the need for continued research on issues of supervisory control within cyber operations. INTRODUCTIONComputer networks that manage critical private (e.g., banking) and government (e.g., nuclear power plant) assets have become ubiquitous entities. With this increased reliance, cyber security has become a primary concern for homeland security. Generally, cyber security research has focused on computer science and engineering problems, such as the development of algorithms to detect, identify, and mitigate specific threats that exist on computer networks. While this research is critical to national defense, it does not acknowledge the role that human operators play in cyber security. The Human Factors community has recognized this research gap and has responded by establishing an initiative to explore human-centered aspects of cyber operations. Current research has focused on identifying important dimensions of cognition within cyber operations, such as situation awareness (Giacobe, 2012), team knowledge structures (Mancuso & McNeese, 2012), and team collaboration (Rajivan et al., 2013). However, little research has focused explicitly on specific issues related to task load and operations management -classic Human Factors research vectors.Cyber operations exist within a complex system of humanmachine interaction, where operators are tasked with monitoring the activities, efficacy, and progress of intelligent and autonomous computer systems (Tyworth et al., 2013). In these environments, cyber operators supervise intelligent systems as they execute tasks across networks. This places significant cognitive demand on operators due to their need to maintain situation awareness while dividing attention across dynamic task elements and managing large quantities of information. While novel within the context of humancentered cyber research, these environments share many commonalities with human supervisory control tasks.

show abstract

A human-in-the-loop approach to understanding situation awareness in cyber defence analysis

Cited by 16 publications

References 37 publications

The Role of User Behaviour in Improving Cyber Security Management

The Role of User Behaviour in Improving Cyber Security Management

User, Usage and Usability: Redefining Human Centric Cyber Security

Capturing Performance in Cyber Human Supervisory Control

Contact Info

Product

Resources

About