-
A Case Study on the Use of Representativeness Bias as a Defense Against Adversarial Cyber Threats
Authors:
Briland Hitaj,
Grit Denker,
Laura Tinnel,
Michael McAnally,
Bruce DeBruhl,
Nathan Bunting,
Alex Fafard,
Daniel Aaron,
Richard D. Roberts,
Joshua Lawson,
Greg McCain,
Dylan Starink
Abstract:
Cyberspace is an ever-evolving battleground involving adversaries seeking to circumvent existing safeguards and defenders aiming to stay one step ahead by predicting and mitigating the next threat. Existing mitigation strategies have focused primarily on solutions that consider software or hardware aspects, often ignoring the human factor. This paper takes a first step towards psychology-informed,…
▽ More
Cyberspace is an ever-evolving battleground involving adversaries seeking to circumvent existing safeguards and defenders aiming to stay one step ahead by predicting and mitigating the next threat. Existing mitigation strategies have focused primarily on solutions that consider software or hardware aspects, often ignoring the human factor. This paper takes a first step towards psychology-informed, active defense strategies, where we target biases that human beings are susceptible to under conditions of uncertainty.
Using capture-the-flag events, we create realistic challenges that tap into a particular cognitive bias: representativeness. This study finds that this bias can be triggered to thwart hacking attempts and divert hackers into non-vulnerable attack paths. Participants were exposed to two different challenges designed to exploit representativeness biases. One of the representativeness challenges significantly thwarted attackers away from vulnerable attack vectors and onto non-vulnerable paths, signifying an effective bias-based defense mechanism. This work paves the way towards cyber defense strategies that leverage additional human biases to thwart future, sophisticated adversarial attacks.
△ Less
Submitted 28 April, 2025;
originally announced April 2025.
-
Cyberwar Strategy and Tactics: An Analysis of Cyber Goals, Strategies, Tactics, and Techniques
Authors:
Laura S. Tinnel,
O. Sami Saydjari,
Dave Farrell
Abstract:
Cyberwar strategy and tactics today are primitive and ad-hoc, resulting in an ineffective and reactive cyber fighting force. A Cyberwar Playbook is an encoding of knowledge on how to effectively handle a variety of cyberwar situations. It takes a troubleshooting approach and defines the cyber tactics, techniques and procedures one may employ to counter or avert cyber-based attacks. It provides foc…
▽ More
Cyberwar strategy and tactics today are primitive and ad-hoc, resulting in an ineffective and reactive cyber fighting force. A Cyberwar Playbook is an encoding of knowledge on how to effectively handle a variety of cyberwar situations. It takes a troubleshooting approach and defines the cyber tactics, techniques and procedures one may employ to counter or avert cyber-based attacks. It provides focus and clarity in time of chaos allowing a clear path of response to be chosen.
△ Less
Submitted 1 June, 2024;
originally announced June 2024.
-
Critical Infrastructure Security Goes to Space: Leveraging Lessons Learned on the Ground
Authors:
Tim Ellis,
Briland Hitaj,
Ulf Lindqvist,
Deborah Shands,
Laura Tinnel,
Bruce DeBruhl
Abstract:
Space systems enable essential communications, navigation, imaging and sensing for a variety of domains, including agriculture, commerce, transportation, and emergency operations by first responders. Protecting the cybersecurity of these critical infrastructure systems is essential. While the space environment brings unique constraints to managing cybersecurity risks, lessons learned about risks a…
▽ More
Space systems enable essential communications, navigation, imaging and sensing for a variety of domains, including agriculture, commerce, transportation, and emergency operations by first responders. Protecting the cybersecurity of these critical infrastructure systems is essential. While the space environment brings unique constraints to managing cybersecurity risks, lessons learned about risks and effective defenses in other critical infrastructure domains can help us to design effective defenses for space systems. In particular, discoveries regarding cybersecurity for industrial control systems (ICS) for energy, manufacturing, transportation, and the consumer and industrial Internet of Things (IoT) offer insights into cybersecurity for the space domain. This paper provides an overview of ICS and space system commonalities, lessons learned about cybersecurity for ICS that can be applied to space systems, and recommendations for future research and development to secure increasingly critical space systems.
△ Less
Submitted 26 September, 2023;
originally announced September 2023.
