COMMANDO-HUMANS: COMputational Modelling and Automatic Non-intrusive Detection Of HUMan behAviour based iNSecurity
COMMANDO-HUMANS:基于 iNSecurity 的人类行为的计算建模和自动非侵入式检测
基本信息
- 批准号:EP/N020111/1
- 负责人:
- 金额:$ 26.52万
- 依托单位:
- 依托单位国家:英国
- 项目类别:Research Grant
- 财政年份:2016
- 资助国家:英国
- 起止时间:2016 至 无数据
- 项目状态:已结题
- 来源:
- 关键词:
项目摘要
This project addresses mainly the Human Factors challenge of the joint Singapore-UK call, and it has an interdisciplinary team with expertise in cyber security, cognitive psychology, and human-computer interface (HCI). It aims at producing direct evidence that human behaviour related insecurity can be detected automatically by applying human cognitive models to model and simulate humans involved in security systems. A key outcome of the project will be a working software system that can be used for this purpose by researchers and practitioners. The project will focus on human user authentication systems as a representative use case and will produce new knowledge on the role of human behaviours in such systems and security systems in general. Both the software framework and new knowledge on human behaviours can also help address other challenges of the call (e.g., detection of intruders/extremists requires knowledge on how they behave; protection of user privacy require knowledge on how human users handle personal data; policy makers need to understand behaviours of their organisations' employees and human attackers targeting their organisations to make more informed decisions).It has been well known that human factors are a very important aspect of cyber security, as recognised by governments all over the world e.g., in the UK Cyber Security Strategy (2011), in Singapore's National Cyber Security Masterplan 2018 (2013), and in the US Federal Cybersecurity Research and Development Strategic Plan (2011). Human related insecurity is often related to intended or unintentional (maybe subconscious) insecure human behaviours. To conduct research on human behaviours (in cyber security, HCI, psychology and other related fields), researchers normally depend on involvement of real human users via surveys, interviews, simulated scenarios, observations of real cases, interactive games, or other specially designed user studies. Such approaches are often time-consuming and costly, and suffer from other issues like limited and/or biased samples, questionable ecological validity, difficulties in reproducing results, and impossibility of running some studies due to ethical/privacy/legal concerns.This project aims at developing the first (to the best our knowledge) general-purpose computational framework and supporting software tools that will enable automatic detection of human behaviour related insecurity at the HCI level without the need to involve real human users. The framework will be built on computational models of human cognitive processes, HCIs, human behaviour related attacks and (in)security measures. The framework will be non-intrusive: instead of evaluating the running system itself, the framework will evaluate an abstract executable model of the system and humans involved. Removing real human users from the process allows faster and more objective inspection of potential insecurity of a given security system. The automated process can still be combined with traditional user studies to make better use of limited resources in automatically detecting potential insecurity problems deserving further manual analysis.The framework and software tools developed will be of great value for cyber security researchers, security system designers/developers and security industry to deliver securer systems to end users. As a natural byproduct, they will also allow easier evaluation of usability of security and non-security related computer systems with an HCI. As we mentioned above in this summary, people having concerns on other challenges of the call can benefit from the project's outcomes as well.In this project we will focus mainly on HCI-level ("micro") human behaviours, but possible extensions to higher-level ("macro") behaviours (e.g., how human users adapt their behaviours over time via rehearsals and learning) will be looked at as well to pave the way for our future research.
该项目主要解决新加坡-英国联合通话中的人为因素挑战,并拥有一支在网络安全、认知心理学和人机界面(HCI)方面拥有专业知识的跨学科团队。它的目的是提供直接证据,证明可以通过应用人类认知模型对参与安全系统的人类进行建模和模拟,从而自动检测与不安全有关的人类行为。该项目的一个关键成果将是一个可供研究人员和从业人员用于这一目的的工作软件系统。该项目将把人类用户认证系统作为一个有代表性的用例,并将产生关于人类行为在这类系统和一般安全系统中的作用的新知识。软件框架和有关人类行为的新知识也有助于解决通话的其他挑战(例如,探测入侵者/极端分子需要了解他们的行为;保护用户隐私需要了解人类用户如何处理个人数据;政策制定者需要了解其组织的员工和针对其组织的人类攻击者的行为,以便做出更明智的决策)。众所周知,人为因素是网络安全的一个非常重要的方面,世界各国政府都承认这一点,例如,在英国网络安全战略(2011)、新加坡2018年国家网络安全总体计划(2013)和美国联邦网络安全研究和发展战略计划(2011)中。与人类相关的不安全感往往与有意或无意(可能是潜意识的)不安全的人类行为有关。为了对人类行为进行研究(在网络安全、人机交互、心理学等相关领域),研究人员通常依靠真实人类用户的参与,通过调查、访谈、模拟场景、真实案例观察、互动游戏或其他专门设计的用户研究。此类方法通常费时费钱,并存在其他问题,如样本有限和/或有偏差、生态有效性有问题、复制结果困难,以及由于伦理/隐私/法律问题而无法进行某些研究。该项目旨在开发第一个(据我们所知)通用计算框架和辅助软件工具,使能够在不需要真实人类用户参与的情况下,在人机交互水平上自动检测与人类行为相关的不安全感。该框架将建立在人类认知过程、人机接口、与人类行为相关的攻击和安全措施的计算模型上。该框架将是非侵入式的:该框架将评估所涉及的系统和人员的抽象可执行模型,而不是评估正在运行的系统本身。将真实的人类用户从流程中剔除,可以更快、更客观地检查给定安全系统的潜在不安全。自动化过程仍可与传统的用户研究相结合,以更好地利用有限的资源自动发现潜在的不安全问题,值得进一步人工分析。开发的框架和软件工具将对网络安全研究人员、安全系统设计/开发人员和安全行业向最终用户提供更安全的系统具有重要价值。作为一种自然的副产品,它们还将允许更容易地评估具有人机界面的安全和非安全相关计算机系统的可用性。正如我们在上面的总结中所提到的,对Call的其他挑战感到担忧的人也可以从项目的结果中受益。在这个项目中,我们将主要关注人机界面级别(“微观”)的人类行为,但也将研究更高级别(“宏观”)行为的可能扩展(例如,人类用户如何通过排练和学习随着时间的推移调整他们的行为),为我们未来的研究铺平道路。
项目成果
期刊论文数量(9)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
Making a good thing better: enhancing password/PIN-based user authentication with smartwatch
- DOI:10.1186/s42400-018-0009-4
- 发表时间:2018-08
- 期刊:
- 影响因子:3.1
- 作者:Bing Chang;Yingjiu Li;Qiongxiao Wang;W. Zhu;R. Deng
- 通讯作者:Bing Chang;Yingjiu Li;Qiongxiao Wang;W. Zhu;R. Deng
When Human cognitive modeling meets PINs: User-independent inter-keystroke timing attacks
- DOI:10.1016/j.cose.2018.09.003
- 发表时间:2018-10
- 期刊:
- 影响因子:0
- 作者:Ximing Liu;Yingjiu Li;R. Deng;Bing Chang;Shujun Li
- 通讯作者:Ximing Liu;Yingjiu Li;R. Deng;Bing Chang;Shujun Li
Human-Generated and Machine-Generated Ratings of Password Strength: What Do Users Trust More?
- DOI:10.4108/eai.13-7-2018.162797
- 发表时间:2019-08
- 期刊:
- 影响因子:0
- 作者:S. Alqahtani;Shujun Li;Haiyue Yuan;P. Rusconi
- 通讯作者:S. Alqahtani;Shujun Li;Haiyue Yuan;P. Rusconi
Data-driven multimedia forensics and security
数据驱动的多媒体取证和安全
- DOI:10.1016/j.jvcir.2018.06.023
- 发表时间:2018
- 期刊:
- 影响因子:2.6
- 作者:Rocha A
- 通讯作者:Rocha A
2nd International Workshop on Multimedia Privacy and Security
第二届多媒体隐私与安全国际研讨会
- DOI:10.1145/3243734.3243876
- 发表时间:2018
- 期刊:
- 影响因子:0
- 作者:Hallman R
- 通讯作者:Hallman R
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
数据更新时间:{{ journalArticles.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ monograph.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ sciAawards.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ conferencePapers.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ patent.updateTime }}
Shujun Li其他文献
Targeted inhibition of miR-221/222 promoted cell sensitivity to cisplatin in triple negative breast cancer
靶向抑制 miR-221/222 促进三阴性乳腺癌细胞对顺铂的敏感性
- DOI:
- 发表时间:
- 期刊:
- 影响因子:3.7
- 作者:
Shujun Li;Qun Li;Jinhui Lü;Qian Zhao;Danni Li;Lei Shen;Zhongyue Wang;Junjun Liu;Dongping Xie;William C. Cho;Shaohua Xu;Zuoren Yu - 通讯作者:
Zuoren Yu
US budget impact analysis of esketamine nasal spray in major depressive disorder with acute suicidal ideation/behavior.
艾氯胺酮鼻喷雾剂治疗伴有急性自杀意念/行为的重度抑郁症的美国预算影响分析。
- DOI:
10.2217/cer-2021-0226 - 发表时间:
2022 - 期刊:
- 影响因子:2.1
- 作者:
J. Voelker;J. Sheehan;H. Le;H. Toro;Shujun Li;K. Joshi - 通讯作者:
K. Joshi
A Fast Integration Method and Its Application in a Medical Physics Problem
一种快速积分方法及其在医学物理问题中的应用
- DOI:
- 发表时间:
2006 - 期刊:
- 影响因子:0
- 作者:
Shujun Li;E. Doncker;Karlis Kaugars;Haisen S. Li - 通讯作者:
Haisen S. Li
Cognitive Approaches to Human Computer Interaction
人机交互的认知方法
- DOI:
- 发表时间:
2020 - 期刊:
- 影响因子:0
- 作者:
Haiyue Yuan;Shujun Li;P. Rusconi - 通讯作者:
P. Rusconi
Influence of Manufacturing Parameters on the Properties of Electron Beam Melted Ti-Ni Alloy
制造参数对电子束熔炼钛镍合金性能的影响
- DOI:
10.11900/0412.1961.2019.00410 - 发表时间:
2020 - 期刊:
- 影响因子:0
- 作者:
Dechun Ren;Huibo Zhang;Xiaodong Zhao;Fuyu Wang;W. Hou;Shaogang Wang;Shujun Li;Jin Wei;Rui Yang - 通讯作者:
Rui Yang
Shujun Li的其他文献
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
{{ truncateString('Shujun Li', 18)}}的其他基金
PRIvacy-aware personal data management and Value Enhancement for Leisure Travellers (PriVELT)
注重隐私的个人数据管理和休闲旅行者的价值提升 (PriVELT)
- 批准号:
EP/R033749/1 - 财政年份:2018
- 资助金额:
$ 26.52万 - 项目类别:
Research Grant
Academic Centre of Excellence in Cyber Security Research - University of Kent
网络安全研究卓越学术中心 - 肯特大学
- 批准号:
EP/S018964/1 - 财政年份:2018
- 资助金额:
$ 26.52万 - 项目类别:
Research Grant
ACCEPT: Addressing Cybersecurity and Cybercrime via a co-Evolutionary aPproach to reducing human-relaTed risks
接受:通过共同进化方法解决网络安全和网络犯罪问题,以减少与人类相关的风险
- 批准号:
EP/P011896/1 - 财政年份:2017
- 资助金额:
$ 26.52万 - 项目类别:
Research Grant
ACCEPT: Addressing Cybersecurity and Cybercrime via a co-Evolutionary aPproach to reducing human-relaTed risks
接受:通过共同进化方法解决网络安全和网络犯罪问题,以减少与人类相关的风险
- 批准号:
EP/P011896/2 - 财政年份:2017
- 资助金额:
$ 26.52万 - 项目类别:
Research Grant
相似海外基金
The computational and neural mechanisms linking decision-making and memory in humans
连接人类决策和记忆的计算和神经机制
- 批准号:
10808667 - 财政年份:2023
- 资助金额:
$ 26.52万 - 项目类别:
CRII: CHS: RUI: Computational models of humans for studying and improving Human-AI interaction
CRII:CHS:RUI:用于研究和改善人机交互的人类计算模型
- 批准号:
2218226 - 财政年份:2022
- 资助金额:
$ 26.52万 - 项目类别:
Standard Grant
Computational Models of Humans
人类的计算模型
- 批准号:
RGPIN-2017-04604 - 财政年份:2021
- 资助金额:
$ 26.52万 - 项目类别:
Discovery Grants Program - Individual
Computational and electrochemical substrates of social decision-making in humans
人类社会决策的计算和电化学基础
- 批准号:
10059060 - 财政年份:2020
- 资助金额:
$ 26.52万 - 项目类别:
Development and validation of a computational model of higher-order statistical learning on graphs in humans
人类图高阶统计学习计算模型的开发和验证
- 批准号:
10059133 - 财政年份:2020
- 资助金额:
$ 26.52万 - 项目类别:
Computational and electrochemical substrates of social decision-making in humans
人类社会决策的计算和电化学基础
- 批准号:
10428547 - 财政年份:2020
- 资助金额:
$ 26.52万 - 项目类别:
Computational and electrochemical substrates of social decision-making in humans
人类社会决策的计算和电化学基础
- 批准号:
10640947 - 财政年份:2020
- 资助金额:
$ 26.52万 - 项目类别:
Computational and electrochemical substrates of social decision-making in humans
人类社会决策的计算和电化学基础
- 批准号:
10227238 - 财政年份:2020
- 资助金额:
$ 26.52万 - 项目类别:
Computational Models of Humans
人类的计算模型
- 批准号:
RGPIN-2017-04604 - 财政年份:2020
- 资助金额:
$ 26.52万 - 项目类别:
Discovery Grants Program - Individual
Computational Models of Humans
人类的计算模型
- 批准号:
RGPIN-2017-04604 - 财政年份:2019
- 资助金额:
$ 26.52万 - 项目类别:
Discovery Grants Program - Individual














{{item.name}}会员




