8,578 research outputs found
On the complexity of collaborative cyber crime investigations
This article considers the challenges faced by digital evidence specialists when collaborating with other specialists and agencies in other jurisdictions when investigating cyber crime. The opportunities, operational environment and modus operandi of a cyber criminal are considered, with a view to developing the skills and procedural support that investigators might usefully consider in order to respond more effectively to the investigation of cyber crimes across State boundaries
Teamwork in Cybersecurity: Evaluating the Cooperative Board Game [d0x3d!] as an Experimental Testbed
It is crucial to identify the knowledge, skills, and attitudes (KSAs) that contribute to success in cybersecurity teams. We introduce a board game, [d0x3d!], as an experimental testbed designed to create a controlled environment and set of manageable tasks aimed at exploring teamwork competencies that may be relevant to the cybersecurity workforce. [d0x3d!] requires players to work together and share information to retrieve stolen digital assets. The authors aim to improve the efficacy of cybersecurity team training by incorporating modern teamwork theory and measurement. This testbed provides a low-cost and user-friendly platform for training, evaluation, and research
Information Pooling Bias in Collaborative Cyber Forensics
abstract: Cyber threats are growing in number and sophistication making it important to continually study and improve all dimensions of cyber defense. Human teamwork in cyber defense analysis has been overlooked even though it has been identified as an important predictor of cyber defense performance. Also, to detect advanced forms of threats effective information sharing and collaboration between the cyber defense analysts becomes imperative. Therefore, through this dissertation work, I took a cognitive engineering approach to investigate and improve cyber defense teamwork. The approach involved investigating a plausible team-level bias called the information pooling bias in cyber defense analyst teams conducting the detection task that is part of forensics analysis through human-in-the-loop experimentation. The approach also involved developing agent-based models based on the experimental results to explore the cognitive underpinnings of this bias in human analysts. A prototype collaborative visualization tool was developed by considering the plausible cognitive limitations contributing to the bias to investigate whether a cognitive engineering-driven visualization tool can help mitigate the bias in comparison to off-the-shelf tools. It was found that participant teams conducting the collaborative detection tasks as part of forensics analysis, experience the information pooling bias affecting their performance. Results indicate that cognitive friendly visualizations can help mitigate the effect of this bias in cyber defense analysts. Agent-based modeling produced insights on internal cognitive processes that might be contributing to this bias which could be leveraged in building future visualizations. This work has multiple implications including the development of new knowledge about the science of cyber defense teamwork, a demonstration of the advantage of developing tools using a cognitive engineering approach, a demonstration of the advantage of using a hybrid cognitive engineering methodology to study teams in general and finally, a demonstration of the effect of effective teamwork on cyber defense performance.Dissertation/ThesisDoctoral Dissertation Applied Psychology 201
Socio-technical communication: The Hybrid Space and the OLB-Model for science-based cyber education
publishedVersio
Kinetic and Cyber
We compare and contrast situation awareness in cyber warfare and in
conventional, kinetic warfare. Situation awareness (SA) has a far longer
history of study and applications in such areas as control of complex
enterprises and in conventional warfare, than in cyber warfare. Far more is
known about the SA in conventional military conflicts, or adversarial
engagements, than in cyber ones. By exploring what is known about SA in
conventional, also commonly referred to as kinetic, battles, we may gain
insights and research directions relevant to cyber conflicts. We discuss the
nature of SA in conventional (often called kinetic) conflict, review what is
known about this kinetic SA (KSA), and then offer a comparison with what is
currently understood regarding the cyber SA (CSA). We find that challenges and
opportunities of KSA and CSA are similar or at least parallel in several
important ways. With respect to similarities, in both kinetic and cyber worlds,
SA strongly impacts the outcome of the mission. Also similarly, cognitive
biases are found in both KSA and CSA. As an example of differences, KSA often
relies on commonly accepted, widely used organizing representation - map of the
physical terrain of the battlefield. No such common representation has emerged
in CSA, yet.Comment: A version of this paper appeared as a book chapter in Cyber Defense
and Situational Awareness, Springer, 2014. Prepared by US Government
employees in their official duties; approved for public release, distribution
unlimited. Cyber Defense and Situational Awareness. Springer International
Publishing, 2014. 29-4
Cybersecurity Incident Response in Organisations: A Meta-level Framework for Scenario-based Training
Cybersecurity Incident Response (IR) teams mitigate the impact of adverse cyber-related events in organisations. Field studies of IR teams suggest that at present the process of IR is underdeveloped with a focus on the technological dimension with little consideration of practice capability. To improve IR capabilities, we develop a scenario-based training approach to assist organisations to overcome socio-technical barriers to IR. The training approach is informed by a comprehensive list of socio-technical barriers compiled from a review of the literature. Our primary contribution is a novel meta-level framework to generate scenarios specifically targeting socio-technical issues. As a first step towards demonstrating the utility of the framework, a proof-of-concept scenario is presented
Integrating requirements of Industry 4.0 into maritime education and training: case study of Vietnam
- …