Cyber Vigilance: The Human Factor
Abstract
Cyber-defenders face lengthy, repetitive work assignments with few critical signals and little control over what transpires. Their task is one of vigilance, well studied in contexts including air traffic control and medical monitoring. Cyber-defense display information density is several orders of magnitude above that seen in the aforementioned domains, and therefore blindly generalizing prior research is inadvisable. To understand this unique domain, we asked participants to perform a simulated cybersecurity task, searching for attack signatures in Internet traffic information. Consistent with results observed in "traditional" vigilance paradigms, signal detection declined significantly over time, it was directly related to signal probability, and it was inversely related to event rate. Reported high mental workload accompanied such degraded performance. These results highlight the necessity for understanding the physical and cognitive ergonomics underlying cyber-defense. They also suggest vulnerability to denial and deception (D and D) tactics which would effectively hack the human rather than the machine.
Document Details
- Document Type
- Technical Report
- Publication Date
- Oct 21, 2016
- Accession Number
- AD1021913
Entities
People
- Ben D. Sawyer
- Gerald Matthews
- Gregory J. Funke
- Joel S. Warm
- Matthew Funke
- Peter A. Hancock
- Victor S. Finomore
- Vincent Mancuso
Organizations
- 711th Human Performance Wing