Towards a Conversational Agent for Threat Detection in the Internet of Things

McDermott, Christopher D.; Jeannelle, Bastien; Isaacs, John P.

doi:10.1109/cybersa.2019.8899580

Cited by 5 publications

(4 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…When applied to the Cyber domain, Cyber Situational Awareness (CSA) can be defined as the compilation, processing and fusing of network data to understand a network environment in order to accurately predict and respond to potential threats that might occur [17]. In this respect it is clearly linked to network security monitoring which can be traced back to Anderson's seminal work [18] that analysed security logs for anomalies.…”

Section: B Cyber Situational Awareness (Csa)mentioning

confidence: 99%

Intrusion Detection in Smart Homes: A pretest-posttest study of learning modalities for improved Cyber Situational Awareness

McDermott¹,

Nicho²,

Isaacs³

2022

Preprint

View full text Add to dashboard Cite

Smart homes are becoming increasingly more com- plex and difficult to defend. This paper explores how humans can interact with intelligent virtual agents to improve their awareness and detection of threats in smart homes. Mica Endsley’s situa- tional awareness (SA) model was adopted and used to assess how participants perceive device activity, comprehend this in the context of their environment, and project this knowledge to detect if a threat exists. A pretest-posttest study demonstrated a statistically significant improvement in accuracy and efficiency when detecting threats using the conversational agents. In addi- tion, a qualitative approach was also taken to examine usability in relation to a users preferred learning modality. Participants reported being more confident at detecting threats across the three elements of the SA model when using the conversational agents as part of a multi-modal approach.

show abstract

Section: B Cyber Situational Awareness (Csa)mentioning

confidence: 99%

Intrusion Detection in Smart Homes: A pretest-posttest study of learning modalities for improved Cyber Situational Awareness

McDermott¹,

Nicho²,

Isaacs³

2022

Preprint

View full text Add to dashboard Cite

show abstract

“…This tool was planned to be used in large companies, where employees' faceto-face training is infeasible. [18] proposed a conversational agent to address the complexity of how to present network information to non-technical users about the behavior of IoT devices, helping identify when devices are part of a botnet. However, none of these solutions focus on business demands or directly explore different tasks involved in the decisionmaking, configuration, and cybersecurity management.…”

Section: Related Workmentioning

confidence: 99%

SecBot: a Business-Driven Conversational Agent for Cybersecurity Planning and Management

Franco

Rodrigues

Scheid

et al. 2020

2020 16th International Conference on Network and Service Management (CNSM)

View full text Add to dashboard Cite

Businesses were moving during the past decades to-ward full digital models, which made companies face new threatsand cyberattacks affecting their services and, consequently, theirprofits. To avoid negative impacts, companies' investments incybersecurity are increasing considerably. However, Small andMedium-sized Enterprises (SMEs) operate on small budgets,minimal technical expertise, and few personnel to address cy-bersecurity threats. In order to address such challenges, it isessential to promote novel approaches that can intuitively presentcybersecurity-related technical information.This paper introduces SecBot, a cybersecurity-driven conver-sational agent (i.e., chatbot) for the support of cybersecurityplanning and management. SecBot applies concepts of neuralnetworks and Natural Language Processing (NLP), to interactand extract information from a conversation. SecBot can(a)identify cyberattacks based on related symptoms,(b)indicatesolutions and configurations according to business demands,and(c)provide insightful information for the decision on cy-bersecurity investments and risks. A formal description hadbeen developed to describe states, transitions, a language, anda Proof-of-Concept (PoC) implementation. A case study and aperformance evaluation were conducted to provide evidence ofthe proposed solution's feasibility and accuracy

show abstract

“…Since the seminal work of Endsley (Endsley, 1995) situational awareness has been applied to a number of areas such as safety, security and transportation. Situational awareness has been applied in cyber security, vehicular networks, aviation, social media analytics and conversational agents (Onwubiko C., 2009, Eiza M. H., 2017, & McDermott, C. D., Jeannelle, B., and Isaacs, J. P., 2019.…”

Section: Cyber Situational Awarenessmentioning

confidence: 99%

“…situational awareness has been applied to a number of areas such as safety, security and transportation. Situational awareness has been applied in cyber security, vehicular networks, aviation, social media analytics and conversational agents(Onwubiko C., 2009, Eiza M. H., 2017, & McDermott, C. D., Jeannelle, B., and Isaacs, J. P., 2019.Cyber Situational Awareness (Cyber SA) has been defined in many ways in relation to cyber security, cyber defense, and cyber operations in general (see,McGuiness B., Foy J. L., 2000, Cumiford D. L., 2006and Tadda G. P., and Salerno J. S., 2010.…”

mentioning

confidence: 99%

CyberOps: Situational Awareness in Cybersecurity Operations

Onwubiko¹

2020

IJCSA

View full text Add to dashboard Cite

Cybersecurity operations (CyberOps) is the use and application of cybersecurity capabilities to a domain, department, organisation or nation. It is fundamentally to protect digital investments, contribute to national economic wellbeing by providing a safe, secure and conducive environment to conduct business and to protect a nation’s critical national infrastructures and citizens welfare. In this paper, we investigate operational factors that influence situational awareness of CyberOps, specifically, the features that deals with understanding and comprehension of operational and human factors aspects and that helps with insights on human operator decision making (e.g., cognition, teamwork, knowledge, skills and abilities). The operational factors discussed in this paper range from tools, techniques, integration, architecture to automation, cognition, people, policy, process and procedures.

show abstract

Towards a Conversational Agent for Threat Detection in the Internet of Things

Cited by 5 publications

References 22 publications

Intrusion Detection in Smart Homes: A pretest-posttest study of learning modalities for improved Cyber Situational Awareness

Intrusion Detection in Smart Homes: A pretest-posttest study of learning modalities for improved Cyber Situational Awareness

SecBot: a Business-Driven Conversational Agent for Cybersecurity Planning and Management

CyberOps: Situational Awareness in Cybersecurity Operations

Contact Info

Product

Resources

About