EAGER: Collaborative: Computational Cognitive Modeling of User Security and Incentive Behaviors

EAGER：协作：用户安全和激励行为的计算认知建模

• 批准号: 1544493
• 负责人: Anton Dahbura
• 金额: $ 21.17万
• 依托单位: Johns Hopkins University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-09-01 至 2019-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1544493&HistoricalAwards=false
• 关键词: EAGER; Collaborative; Computational; Cognitive; Modeling

User behavior is a critical element in the success or failure of computer security protections. The field of Human Security Informatics (HSI) combines security informatics and human-computer interaction design to learn how the design of a human-computer interface can affect the security of a computer system. This research project is contributing to the scientific foundations of HSI by modeling how multitasking users behave when making security-critical decisions. In particular, the researchers are modeling user behavior when the users are engaged in typical PC-based mobile messaging with security concerns such as phishing or spam. The project is evaluating how well the models capture the impact of incentives and interventions on user security behaviors.This project extends the cognitive modeling (CogM) architecture to characterize and improve user security decision-making and behaviors. Focusing on cognitive constructs in the ACT-R and Soar architectures, it models the multi-tasking application and security activities with varying cognitive traits and security constraints, through representations of productions and information chunks, as well as their utility and activation calculations. An analytic user model not only describes a problem in making a security decision, but also can explain why and how it happens for incentive and intervention selection. Moreover, CogM models and empirical user testing comparatively study common and advanced users in typical messaging applications, regarding security mistakes and efficiency in task completion. This project is focused on establishing the principles for analytically modeling user cyber behaviors and bridging the gap from understanding security behaviors to effectively improving security performance.

用户行为是计算机安全保护成功或失败的关键要素。 人类安全信息学领域（HSI）结合了安全信息学和人机交互设计，以了解人类计算机界面的设计如何影响计算机系统的安全性。该研究项目通过建模多任务用户在做出关键安全决策时的行为方式来为HSI的科学基础做出贡献。 特别是，当用户从事典型的基于PC的移动消息传递以及诸如网络钓鱼或垃圾邮件等安全问题时，研究人员正在对用户行为进行建模。 该项目正在评估模型如何捕获激励措施和干预措施对用户安全行为的影响。此项目扩展了认知建模（COGM）体系结构，以表征和改善用户安全决策和行为。它专注于ACT-R和SOAR体系结构中的认知构造，它通过制作和信息块的表示以及其实用性和激活计算，对具有不同认知性状和安全约束的多任务应用程序和安全活动建模。一个分析用户模型不仅描述了做出安全决定的问题，而且可以解释激励和干预选择的原因以及如何发生。此外，关于安全错误和任务完成效率，COGM模型和经验用户测试相对研究了典型消息传递应用程序中的常见和高级用户。该项目的重点是建立分析对用户网络行为进行分析的原则，并弥合从了解安全行为到有效提高安全性能的差距。