Sage Journals: Discover world-class research

Abstract

Many cybersecurity algorithms assume adversaries make perfectly rational decisions. However, human decisions are only boundedly rational and, according to Instance-Based Learning Theory, are based on the similarity of the present contextual features to past experiences. More must be understood about what available features are represented in the decision and how outcomes are evaluated. To these ends, we examined human behavior in a cybersecurity game designed to simulate an insider attack scenario. In a human-subjects experiment, we manipulated the information made available to participants (concealed or revealed decision probabilities) and the framing of the outcome (as losses or not). An endowment was given to frame negative outcomes as losses, but these were not framed as losses when no endowment was given. The results reveal differences in behavior when some information is concealed, but the framing of outcomes only affects behavior when all information is available. A cognitive model was developed to help understand the cognitive representation of these features and the implications of the behavioral results.

Get full access to this article

View all access options for this article.

References

Anderson

J. R.

Lebiere

(1998). The Atomic Components of Thought. Mahwah, NJ: Erlbaum.

Anderson

J. R.

Bothell

Byrne

M. D.

Douglass

Lebiere

Qin

(2004). An integrated theory of the mind. Psychological Review, 111(4), 1036-1060.

Cranford

E. A.

Lebiere

Gonzalez

Cooney

Vayanos

Tambe

(2018). Learning about cyber deception through simulations: Predictions of human decision making with deceptive signals in Stackelberg Security Games. In Proceedings of the 40th annual conference of the Cognitive Science Society (pp.258-263). Madison, WI: Cognitive Science Society.

Cranford

E. A.

Gonzalez

Aggarwal

Cooney

Tambe

Lebiere

(2019). Towards personalized deceptive signaling for cyber defense using cognitive models. In Proceedings of the 17th Annual Meeting of the International Conference on Cognitive Modeling. Montreal, CA.

Cranford

E. A.

Gonzalez

Aggarwal

Cooney

Tambe

Lebiere

(2020). Adaptive cyber deception: Cognitively-informed signaling for cyber defense. In Proceedings of the 53rd Hawaii International Conference on System Sciences (pp. 1885-1894). Maui, HI.

Gigerenzer

Todd

P. M.

(1999). Simple heuristics that make us smart. Oxford University Press, USA.

Gonzalez

Lerch

J. F.

Lebiere

(2003). Instance based learning in dynamic decision making. Cognitive Science, 27(4), 591-635.

Gonzalez

(2013). The boundaries of instance-based learning theory for explaining decisions from experience. Progress in Brain Research, 202, 73-98.

Lebiere

(1999). A blending process for aggregate retrievals. In Proceedings of the 6th ACT-R Workshop. George Mason University, Fairfax, Va.

10.

Lebiere

Pirolli

Thomson

Paik

Rutledge-Taylor

Staszewski

Anderson

J. R.

(2013). A functional model of sense- making in a neurocognitive architecture. Computational Intelligence and Neuroscience.

11.

Martin

Lebiere

Fields.

M.A.

Lennon

(2018). Learning features while learning to classify: a cognitive model for autonomous systems. Computational and Mathematical Organization Theory, Special Issue BRIMS 2017.

12.

Rowe

N. C.

Rrushi

(2016). Introduction to Cyberdeception. Switzerland: Springer.

13.

Somers

Mitsopoulos

Lebiere

Thomson

(2019). Cognitive- Level Salience for Explainable Artificial Intelligence. In Proceedings of the 17th Annual Meeting of the International Conference on Cognitive Modeling. Montreal, CA.

14.

Tversky

Kahneman

(1974). Judgment under uncertainty: Heuristics and biases. Science, 185(4157), 1124-1131.

15.

Tversky

Kahneman

(1981). The framing of decisions and the psychology of choice. Science, 211(4481), 453-548.

16.

Rabinovich

Dughmi

Tambe

(2015). Exploring information asymmetry in two-stage security games. In Proceedings of the National Conference on Artificial Intelligence (2, pp. 1057-1063). Austin, TX: Elsevier B.V.

What Attackers Know and What They Have to Lose: Framing Effects on Cyber-attacker Decision Making

Abstract

Get full access to this article

References