EAGER: Collaborative: Computational Cognitive Modeling of User Security and Incentive Behaviors

EAGER：协作：用户安全和激励行为的计算认知建模

• 批准号: 1544493
• 负责人: Anton Dahbura
• 金额: $ 21.17万
• 依托单位: Johns Hopkins University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-09-01 至 2019-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1544493&HistoricalAwards=false
• 关键词: EAGER; Collaborative; Computational; Cognitive; Modeling

User behavior is a critical element in the success or failure of computer security protections. The field of Human Security Informatics (HSI) combines security informatics and human-computer interaction design to learn how the design of a human-computer interface can affect the security of a computer system. This research project is contributing to the scientific foundations of HSI by modeling how multitasking users behave when making security-critical decisions. In particular, the researchers are modeling user behavior when the users are engaged in typical PC-based mobile messaging with security concerns such as phishing or spam. The project is evaluating how well the models capture the impact of incentives and interventions on user security behaviors.This project extends the cognitive modeling (CogM) architecture to characterize and improve user security decision-making and behaviors. Focusing on cognitive constructs in the ACT-R and Soar architectures, it models the multi-tasking application and security activities with varying cognitive traits and security constraints, through representations of productions and information chunks, as well as their utility and activation calculations. An analytic user model not only describes a problem in making a security decision, but also can explain why and how it happens for incentive and intervention selection. Moreover, CogM models and empirical user testing comparatively study common and advanced users in typical messaging applications, regarding security mistakes and efficiency in task completion. This project is focused on establishing the principles for analytically modeling user cyber behaviors and bridging the gap from understanding security behaviors to effectively improving security performance.

用户行为是计算机安全保护成功或失败的关键因素。人类安全信息学（HSI）将安全信息学与人机交互设计相结合，学习人机界面的设计如何影响计算机系统的安全性。该研究项目通过模拟多任务用户在做出安全关键决策时的行为，为HSI的科学基础做出了贡献。特别是，当用户使用典型的基于pc的移动信息时，研究人员正在模拟用户行为，并考虑到网络钓鱼或垃圾邮件等安全问题。该项目正在评估这些模型如何很好地捕捉激励和干预对用户安全行为的影响。该项目扩展了认知建模（CogM）体系结构，以表征和改进用户安全决策和行为。重点关注ACT-R和Soar架构中的认知结构，通过产品和信息块的表示，以及它们的效用和激活计算，对具有不同认知特征和安全约束的多任务应用程序和安全活动进行建模。分析用户模型不仅描述了安全决策中的问题，而且可以解释激励和干预选择中的问题发生的原因和方式。此外，CogM模型和经验用户测试比较研究了典型消息传递应用中普通用户和高级用户的安全错误和任务完成效率。本项目的重点是建立用户网络行为分析建模的原则，弥合从理解安全行为到有效提高安全性能的差距。