Communications of the ACM
Preventing 'cyber Pearl Harbor'
Credit: Commissum
U.S. Secretary of Defense Leon E. Panetta recently warned that the U.S. was facing the possibility of a "cyber-Pearl Harbor" and was increasingly vulnerable to foreign computer hackers who could disrupt the government, utility, transportation, and financial networks. The key to protecting online operations is a high degree of cybersecurity awareness, says human factors/ergonomics researchers Varun Dutt, Young-Suk Ahn, and Cleotilde Gonzalez. The researchers have developed a computer model that presents 500 simulated cyberattack scenarios to gauge simulated network security analysts' ability to detect attacks characterized as either "impatient," meaning the threat occurs early in the attack; or "patient," meaning the threat comes later in the attack and is not detected right away.
The model was able to predict the detection rates of security analysts by varying the analysts' degree of experience and risk tolerance as well as an attacker's strategy. The researchers found that experienced, risk-averse analysts were less accurate at detecting threats in patient than in impatient attacks.
"In a patient attack, when the attacker waits until the end to generate threats, the experiences in the analyst's memory that indicate an attack" are not as readily retrieved, Dutt says, which "makes it difficult to correctly detect patient attacks."
From Human Factors and Ergonomics Society
View Full Article
Abstracts Copyright © 2012 Information Inc., Bethesda, Maryland, USA
No entries found