Human Subject Research Protocol: Computer-Aided Human Centric Cyber Situation Awareness: Understanding Cognitive Processes of Cyber Analysts

Report No. ARL-TR-6731
Authors: Peng Liu, Robert Erbacher, William Glodek, Renee E. Etoty, and John Yen
Date/Pages: November 2013; 26 pages
Abstract: The purpose of this research study is to understand the cognitive process of cyber-security analysts when defending cyber-attacks. Twelve subjects have been recruited from Adelphi Laboratory Center (ALC) of the U.S. Army Research Laboratory (ARL). Each participant is asked to do one or more sessions so that the outcomes can be compared to answer research questions. In the study, subjects play the role of cyber security analysts and are asked to analyze data sources (e.g., network topology and policy, IDS alerts, firewall logs) of the computer network of a large organization to identify suspected attacks, type of attacks, key events or evidence, and associated hypotheses or questions to guide further investigation toward drawing a conclusion. The subjects receive training for the task, complete Pre-Task and Post-Task Questionnaires, and receive no compensation for participating in the study. This research protocol is for continuing the study in collaboration with co-PIs and Associate Investigator of ARL.
Distribution: Approved for public release
  Download Report ( 1.317 MBytes )
If you are visually impaired or need a physical copy of this report, please visit and contact DTIC.
 

Last Update / Reviewed: November 1, 2013