Visible to the public Are Cyber Attackers Thinking Fast and Slow? Exploratory Analysis Reveals Evidence of Decision-Making Biases in Red TeamersConflict Detection Enabled

TitleAre Cyber Attackers Thinking Fast and Slow? Exploratory Analysis Reveals Evidence of Decision-Making Biases in Red Teamers
Publication TypeConference Paper
Year of Publication2019
AuthorsRobert Gutzwiller, Kimberly Ferguson-Walter, Sunny Fugate
Conference NameHuman Factors and Ergonomics Society Annual Meeting
Date PublishedOctober 2019
PublisherResearch Gate
Conference LocationSeattle, WA
KeywordsCognitive Security, Cognitive Security in Cyber, cyber attackers, decision making process, red teamers
Abstract

We report on whether cyber attacker behaviors contain decision making biases. Data from a prior experiment were analyzed in an exploratory fashion, making use of think-aloud responses from a small group of red teamers. The analysis provided new observational evidence of traditional decision-making biases in red team behaviors (confirmation bias, anchoring, and take-the-best heuristic use). These biases may disrupt red team decisions and goals, and simultaneously increase their risk of detection. Interestingly, at least part of the bias induction may be related to the use of cyber deception. Future directions include the development of behavioral measurement techniques for these and additional cognitive biases in cyber operators, examining the role of attacker traits, and identifying the conditions where biases can be induced successfully in experimental conditions.

URLhttps://www.researchgate.net/profile/Robert_Gutzwiller/publication/334376417_Are_Cyber_Attackers_Thi...
Citation Keynode-62558