Are Cyber Attackers Thinking Fast and Slow? Exploratory Analysis Reveals Evidence of Decision-Making Biases in Red Teamers
Title | Are Cyber Attackers Thinking Fast and Slow? Exploratory Analysis Reveals Evidence of Decision-Making Biases in Red Teamers |
Publication Type | Conference Paper |
Year of Publication | 2019 |
Authors | Robert Gutzwiller, Kimberly Ferguson-Walter, Sunny Fugate |
Conference Name | Human Factors and Ergonomics Society Annual Meeting |
Date Published | October 2019 |
Publisher | Research Gate |
Conference Location | Seattle, WA |
Keywords | Cognitive Security, Cognitive Security in Cyber, cyber attackers, decision making process, red teamers |
Abstract | We report on whether cyber attacker behaviors contain decision making biases. Data from a prior experiment were analyzed in an exploratory fashion, making use of think-aloud responses from a small group of red teamers. The analysis provided new observational evidence of traditional decision-making biases in red team behaviors (confirmation bias, anchoring, and take-the-best heuristic use). These biases may disrupt red team decisions and goals, and simultaneously increase their risk of detection. Interestingly, at least part of the bias induction may be related to the use of cyber deception. Future directions include the development of behavioral measurement techniques for these and additional cognitive biases in cyber operators, examining the role of attacker traits, and identifying the conditions where biases can be induced successfully in experimental conditions. |
URL | https://www.researchgate.net/profile/Robert_Gutzwiller/publication/334376417_Are_Cyber_Attackers_Thi... |
Citation Key | node-62558 |