Cyber Deception

Cyber deception could help defenders to engage attackers early in the reconnaissance phase and disrupt and disable potential attacks. Past research on cyber deception has shown effectiveness on simulated experiments but are ineffective when evaluated in practice (i.e., with human attackers). To address these issues, we design deception algorithms, develop human-in-the-loop experiments to evaluate the algorithms and predicting attackers’ actions in advance through cognitive modeling to inform and improve optimal algorithms. 

Cognitive Security

Humans are subject to cognitive limitations and bias, which leads to suboptimal decisions. For the defender and end-users, cognitive bias can negatively impact the judgment of threats and the ability to evaluate courses of action. For the attacker, it can lead to time-consuming mistakes or nonoptimal sequences of decisions, which creates opportunities to frustrate, curtail, or halt the attack completely. The goal of this reach is to better understand these cognitive biases and strengthen cybersecurity by exploiting attacker's biases to improve cybersecurity.

Social Engineering 

End-users are the easiest target for cyber attackers. Social Engineering attacks against end-users could be mitigated through effective training. The existing training methods either provide reading material or are designed for larger populations. To solve this problem, we work towards developing cognitive models to train end-users on detecting email phishing attacks. The goal of this research is to improve the capabilities of the cognitive tutors to provide personalized training and integrate this approach to cybersecurity education in general.