Conference papers

Cognitive Task Analysis Based Training for Cyber Situation Awareness

Abstract: Cyber attacks have been increasing significantly in both number and complexity, prompting the need for better training of cyber defense analysts. To conduct effective training for cyber situation awareness, it becomes essential to design realistic training scenarios. In this paper, we present a Cognitive Task Analysis based approach to address this training need. The technique of Cognitive Task Analysis is to capture and represent knowledge used by experts to perform complex tasks. Accurate characterization of cyber security experts’ cognitive processes can be incorporated into training materials to teach novice cyber analysts how to think and act like experts. After performing Cognitive Task Analysis of cyber situation awareness, we identify the steps necessary for designing training scenarios and training workflows. In order to address the challenge of information overload confronting the cyber analysts, we identify and design attack-specific watch list items. During training, cyber analysts can tailor their own watch list items and triggering thresholds in order to detect cyber attacks faster. As the time it takes for cyber analysts to recognize, analyze, and respond to attacks is critical, we evaluate cyber analysts’ performance based on their response time compared with the ideal attack timeline.

https://hal.archives-ouvertes.fr/hal-01334285
Contributor: Hal Ifip
Submitted on: Monday, June 20, 2016 - 4:53:56 PM
Last modification on: Tuesday, June 21, 2016 - 9:51:38 AM

File

337941_1_En_3_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Citation

Zequn Huang, Chien-Chung Shen, Sheetal Doshi, Nimmi Thomas, Ha Duong. Cognitive Task Analysis Based Training for Cyber Situation Awareness. 9th IFIP World Conference on Information Security Education (WISE), May 2015, Hamburg, Germany. pp.27-40, ⟨10.1007/978-3-319-18500-2_3⟩. ⟨hal-01334285⟩
