Department of Psychology, Carnegie Mellon University.
Social and Decision Sciences Department, Carnegie Mellon University.
Top Cogn Sci. 2020 Jul;12(3):992-1011. doi: 10.1111/tops.12513. Epub 2020 Jul 28.
Recent research in cybersecurity has begun to develop active defense strategies using game-theoretic optimization of the allocation of limited defenses combined with deceptive signaling. These algorithms assume rational human behavior. However, human behavior in an online game designed to simulate an insider attack scenario shows that humans, playing the role of attackers, attack far more often than predicted under perfect rationality. We describe an instance-based learning cognitive model, built in ACT-R, that accurately predicts human performance and biases in the game. To improve defenses, we propose an adaptive method of signaling that uses the cognitive model to trace an individual's experience in real time. We discuss the results and implications of this adaptive signaling method for personalized defense.
最近的网络安全研究开始开发使用博弈论优化有限防御分配的主动防御策略,同时结合欺骗性信号。这些算法假设人类行为是理性的。然而,在一个旨在模拟内部攻击场景的在线游戏中,人类行为表明,扮演攻击者角色的人类攻击的频率远远高于完全理性情况下的预测。我们描述了一个基于实例的学习认知模型,该模型构建在 ACT-R 中,可以准确预测人类在游戏中的表现和偏差。为了改进防御,我们提出了一种自适应信号发送方法,该方法使用认知模型实时跟踪个体的经验。我们讨论了这种自适应信号发送方法对个性化防御的结果和影响。
