{"title":"网络防御分析人员网络认知态势感知特征的任务分析","authors":"R. Gutzwiller, Sarah M. Hunt, D. Lange","doi":"10.1109/COGSIMA.2016.7497780","DOIUrl":null,"url":null,"abstract":"Cyberspace is an increasingly crucial part of everyday living. We have long recognized that defending this space is complex, requiring information integration, and decisions of man and machine to coalesce in a dynamic environment full of shifting priorities. These properties suggest that, as in other domains with similar characteristics, situation awareness (SA) of a human cyber defender is paramount to the quality of decision outcomes in cyber defense. The majority of existing research in cyber situation awareness, centers on information systems and computers, which piece together disparate data. Fused data from multiple sources, for example, is necessary for cyberspace visualization efforts. The judgment for successful cyber SA from this perspective is different from one that is human-centered. In comparison, we rarely assess human cognitive awareness in cyberspace. In part, this reflects a need, based on prior theory, to first define critical elements of information that the human must perceive, work to elucidate how humans combine these elements to comprehend the state of the network, and how together, this awareness helps analysts predict the future state of the network. In other words, although data fusion can provide value by reducing the cognitive load created to piece together disparate sources of information, human awareness of the network (cyber-cognitive situation awareness - CCSA) is perhaps the ultimate intermediary for defense performance. Toward such an understanding, we discuss the results of a cognitive task analysis (CTA) which sought to determine the goals and abstracted elements of awareness that cyber analysts seek in network defense. We present the foundation for a series of planned experiments that establishes CCSA measurement, and baselines the efforts of cyber defenders. Once assessed, we can then begin to consider the help offered by fusion systems, automation of defensive capabilities, and cyber visualizations in a methodologically rigorous manner that has been lacking.","PeriodicalId":194697,"journal":{"name":"2016 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA)","volume":"199 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"45","resultStr":"{\"title\":\"A task analysis toward characterizing cyber-cognitive situation awareness (CCSA) in cyber defense analysts\",\"authors\":\"R. Gutzwiller, Sarah M. Hunt, D. Lange\",\"doi\":\"10.1109/COGSIMA.2016.7497780\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cyberspace is an increasingly crucial part of everyday living. We have long recognized that defending this space is complex, requiring information integration, and decisions of man and machine to coalesce in a dynamic environment full of shifting priorities. These properties suggest that, as in other domains with similar characteristics, situation awareness (SA) of a human cyber defender is paramount to the quality of decision outcomes in cyber defense. The majority of existing research in cyber situation awareness, centers on information systems and computers, which piece together disparate data. Fused data from multiple sources, for example, is necessary for cyberspace visualization efforts. The judgment for successful cyber SA from this perspective is different from one that is human-centered. In comparison, we rarely assess human cognitive awareness in cyberspace. In part, this reflects a need, based on prior theory, to first define critical elements of information that the human must perceive, work to elucidate how humans combine these elements to comprehend the state of the network, and how together, this awareness helps analysts predict the future state of the network. In other words, although data fusion can provide value by reducing the cognitive load created to piece together disparate sources of information, human awareness of the network (cyber-cognitive situation awareness - CCSA) is perhaps the ultimate intermediary for defense performance. Toward such an understanding, we discuss the results of a cognitive task analysis (CTA) which sought to determine the goals and abstracted elements of awareness that cyber analysts seek in network defense. We present the foundation for a series of planned experiments that establishes CCSA measurement, and baselines the efforts of cyber defenders. Once assessed, we can then begin to consider the help offered by fusion systems, automation of defensive capabilities, and cyber visualizations in a methodologically rigorous manner that has been lacking.\",\"PeriodicalId\":194697,\"journal\":{\"name\":\"2016 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA)\",\"volume\":\"199 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-03-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"45\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/COGSIMA.2016.7497780\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/COGSIMA.2016.7497780","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A task analysis toward characterizing cyber-cognitive situation awareness (CCSA) in cyber defense analysts
Cyberspace is an increasingly crucial part of everyday living. We have long recognized that defending this space is complex, requiring information integration, and decisions of man and machine to coalesce in a dynamic environment full of shifting priorities. These properties suggest that, as in other domains with similar characteristics, situation awareness (SA) of a human cyber defender is paramount to the quality of decision outcomes in cyber defense. The majority of existing research in cyber situation awareness, centers on information systems and computers, which piece together disparate data. Fused data from multiple sources, for example, is necessary for cyberspace visualization efforts. The judgment for successful cyber SA from this perspective is different from one that is human-centered. In comparison, we rarely assess human cognitive awareness in cyberspace. In part, this reflects a need, based on prior theory, to first define critical elements of information that the human must perceive, work to elucidate how humans combine these elements to comprehend the state of the network, and how together, this awareness helps analysts predict the future state of the network. In other words, although data fusion can provide value by reducing the cognitive load created to piece together disparate sources of information, human awareness of the network (cyber-cognitive situation awareness - CCSA) is perhaps the ultimate intermediary for defense performance. Toward such an understanding, we discuss the results of a cognitive task analysis (CTA) which sought to determine the goals and abstracted elements of awareness that cyber analysts seek in network defense. We present the foundation for a series of planned experiments that establishes CCSA measurement, and baselines the efforts of cyber defenders. Once assessed, we can then begin to consider the help offered by fusion systems, automation of defensive capabilities, and cyber visualizations in a methodologically rigorous manner that has been lacking.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
