Faculty Recruiting Support CICS

UMass Security Speaker Series

17 Nov
Tuesday, 11/17/2020 2:30pm to 3:30pm
Virtual via Zoom
Special Event
Speaker: Kimberly Ferguson-Walter

Title: Understanding Cognitive Security to Improve Cyber Security

Abstract: Oppositional Human Factors are a new way to apply well-known research on decision-making biases and human attention allocation to disrupt potential cyber attackers and provide much-needed asymmetric benefits to the defender. There has been significant research on how we perform cyber defense tasks and how we should present information to operators, cyber defenders, and analysts to make them more efficient and more effective. Inverting human factors can aid in cyber defense by flipping well-known guidelines and using them to degrade and disrupt the performance of a cyber attacker. Defensive cyber deception is one well-research technique used to induce some of these cognitive biases in cyber attackers. We designed the Tularosa Study, to better understand how defensive deception, both cyber and psychological, affect cyber attack behavior. Over 130 red teamers participated in a network penetration test over two days in which we controlled both the presence of and explicit mention of deceptive defensive techniques. To our knowledge, this represents the largest study of its kind ever conducted on a skilled red team population. We present results supporting a new finding that the combination of the presence of deception and the true information that deception is present has the greatest effect on cyber attackers, when compared to a control condition in which no deception was used.

Biography: Dr. Kimberly Ferguson-Walter is a Senior Research Scientist with the National Security Agency's Laboratory for Advanced Cybersecurity Research. She earned a BS in Information and Computer Science from the University of California Irvine, cum laude, with a specialization in artificial intelligence and her MS and PhD in Computer Science from the University of Massachusetts Amherst. Her research interests are focused on the intersection of computer security, artificial intelligence, and human behavior. In addition to cyber security, her research background includes reinforcement learning, transfer learning, representation learning, and intelligent tutoring systems. She has been focused on adaptive cybersecurity at the NSA for the past ten years and is the lead for the Research Directorate's deception for cyber-defense effort. She is currently on joint-duty assignment to the Naval Information Warfare Center Pacific to perform collaborative research and facilitate strategic alignment and technology transfers. She has organized international workshops on cyber deception, autonomous cyber operations, and cognitive security. Dr Ferguson-Walter is a founding member of the Cybersecurity Technical Group of the Human Factors and Ergonomics Society (HFES) and co-chairs a mini-track at the Hawaiian International Conference on System Science (HICSS) on Cyber Deception and Cyber Psychology for Defense.

To obtain the Zoom information for this event, please see the announcement from Brian Levine on the CICS seminars mailing list.