HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Conference papers

Cognitive Task Analysis Based Training for Cyber Situation Awareness

Abstract : Cyber attacks have been increasing significantly in both number and complexity, prompting the need for better training of cyber defense analysts. To conduct effective training for cyber situation awareness, it becomes essential to design realistic training scenarios. In this paper, we present a Cognitive Task Analysis based approach to address this training need. The technique of Cognitive Task Analysis is to capture and represent knowledge used by experts to perform complex tasks. Accurate characterization of cyber security experts’ cognitive processes can be incorporated into training materials to teach novice cyber analysts how to think and act like experts. After performing Cognitive Task Analysis of cyber situation awareness, we identify the steps necessary for designing training scenarios and training workflows. In order to address the challenge of information overload confronting the cyber analysts, we identify and design attack-specific watch list items. During training, cyber analysts can tailor their own watch list items and triggering thresholds in order to detect cyber attacks faster. As the time it takes for cyber analysts to recognize, analyze, and respond to attacks is critical, we evaluate cyber analysts’ performance based on their response time compared with the ideal attack timeline.
Document type :
Conference papers
Complete list of metadata

Cited literature [13 references]  Display  Hide  Download

Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Monday, June 20, 2016 - 4:53:56 PM
Last modification on : Tuesday, June 21, 2016 - 9:51:38 AM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Zequn Huang, Chien-Chung Shen, Sheetal Doshi, Nimmi Thomas, Ha Duong. Cognitive Task Analysis Based Training for Cyber Situation Awareness. 9th IFIP World Conference on Information Security Education (WISE), May 2015, Hamburg, Germany. pp.27-40, ⟨10.1007/978-3-319-18500-2_3⟩. ⟨hal-01334285⟩



Record views


Files downloads