Biblio
This article describes an emerging direction in the intersection between human-computer interaction and cognitive science: the use of cognitive models to give insight into the challenges of cybersecurity. The article gives a brief overview of work in different areas of cybersecurity where cognitive modeling research plays a role, with regard to direct interaction between end users and computer systems and with regard to the needs of security analysts working behind the scenes. The problem of distinguishing between human users and automated agents (bots) interacting with computer systems is introduced, as well as ongoing efforts toward building Human Subtlety Proofs, persistent and unobtrusive windows into human cognition with direct application to cybersecurity. Two computer games are described, proxies to illustrate different ways in which cognitive modeling can potentially contribute to the development of HSPs and similar cybersecurity applications.
Bot detection - identifying a software program that's using a computer system – is an increasingly necessary security task. Existing solutions balance proof of human identity with unobtrusiveness in users' workflows. Cognitive modeling and natural interaction might provide stronger security and less intrusiveness.
AbstractThis article describes an emerging direction in the intersection between human-computer interaction and cognitive science: the use of cognitive models to give insight into the challenges of cybersecurity. The article gives a brief overview of work in different areas of cybersecurity where cognitive modeling research plays a role, with regard to direct interaction between end users and computer systems and with regard to the needs of security analysts working behind the scenes. The problem of distinguishing between human users and automated agents (bots) interacting with computer systems is introduced, as well as ongoing efforts toward building Human Subtlety Proofs, persistent and unobtrusive windows into human cognition with direct application to cybersecurity. Two computer games are described, proxies to illustrate different ways in which cognitive modeling can potentially contribute to the development of HSPs and similar cybersecurity applications.