EAGER: Collaborative: Computational Cognitive Modeling of User Security and Incentive Behaviors

EAGER：协作：用户安全和激励行为的计算认知建模

• 批准号: 1620862
• 负责人: Kaiqi Xiong
• 金额: $ 8.24万
• 依托单位: University of South Florida
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-09-01 至 2020-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1620862&HistoricalAwards=false
• 关键词: EAGER; Collaborative; Computational; Cognitive; Modeling

User behavior is a critical element in the success or failure of computer security protections. The field of Human Security Informatics (HSI) combines security informatics and human-computer interaction design to learn how the design of a human-computer interface can affect the security of a computer system. This research project is contributing to the scientific foundations of HSI by modeling how multitasking users behave when making security-critical decisions. In particular, the researchers are modeling user behavior when the users are engaged in typical PC-based mobile messaging with security concerns such as phishing or spam. The project is evaluating how well the models capture the impact of incentives and interventions on user security behaviors.This project extends the cognitive modeling (CogM) architecture to characterize and improve user security decision-making and behaviors. Focusing on cognitive constructs in the ACT-R and Soar architectures, it models the multi-tasking application and security activities with varying cognitive traits and security constraints, through representations of productions and information chunks, as well as their utility and activation calculations. An analytic user model not only describes a problem in making a security decision, but also can explain why and how it happens for incentive and intervention selection. Moreover, CogM models and empirical user testing comparatively study common and advanced users in typical messaging applications, regarding security mistakes and efficiency in task completion. This project is focused on establishing the principles for analytically modeling user cyber behaviors and bridging the gap from understanding security behaviors to effectively improving security performance.

用户行为是影响计算机安全防护成败的关键因素。人类安全信息学(HSI)领域将安全信息学和人机交互设计结合在一起，学习人机接口设计如何影响计算机系统的安全。这项研究项目通过模拟多任务用户在做出安全关键决策时的行为，为HSI的科学基础做出了贡献。特别是，研究人员正在对用户在进行典型的基于PC的移动消息传递时的用户行为进行建模，这些移动消息具有安全方面的考虑，如网络钓鱼或垃圾邮件。该项目正在评估模型如何很好地捕捉激励和干预对用户安全行为的影响。该项目扩展了认知建模(CogM)架构，以表征和改进用户安全决策和行为。它着眼于ACT-R和SOAR体系结构中的认知结构，通过产品和信息块的表示以及它们的效用和激活计算，对具有不同认知特征和安全约束的多任务应用和安全活动进行建模。分析型用户模型不仅描述了安全决策中的问题，而且可以解释为什么会发生这种情况，以及如何进行激励和干预选择。此外，CogM模型和经验用户测试对比研究了典型消息传递应用程序中的普通用户和高级用户，研究了任务完成中的安全错误和效率。本项目致力于建立分析建模用户网络行为的原则，并弥合从理解安全行为到有效提高安全性能的差距。