Master of Arts (MA)
David . Schuster
Cyber Security, Human-Computer Interaction, Human Factors, Intrusion Detection Systems, Signal Detection, Situation Awareness
Psychology; Quantitative psychology
Computer network defense (CND) protects organizations and individuals against cyber threats by monitoring, identifying, analyzing, and defending network infrastructure from infiltration. Network defenders must maintain high levels of cyber situation awareness (CSA) in order to correctly identify and act on threats to the network. Intrusion detection systems (IDSs) are automated systems designed to assist network defenders in building CSA by sifting through network traffic and flagging potential threats. These systems are plagued by high false alarm rates that inhibit the ability of network defenders to build CSA. More capable IDSs have been developed that are capable of increasing the hit rate and lowering the false alarm rate by analyzing gathered network information. The influence of these IDS technologies on CSA has yet to be explored. 172 San Jose State University psychology students performed a signal detection task for intrusion detection to examine whether integrated automation with a multilayered analysis incorporating both liberal and conservative response criteria leads to better CSA than less-integrated, yet liberally responding automation (high hit rates and high false alarm rates) or conservatively responding automation (with low hit rates and low false alarm rates). The IDS condition was manipulated at three levels (liberal, conservative, both). The reliability of the IDSs was manipulated at three levels (60%, 80%, 95%). This study was unable to observe any differences in task performance or CSA for any of the conditions.
Cooke, Ian Anderson, "A Comparative Study of the Influence of Level of Automation and Reliability of IDS Systems on Cyber Situation Awareness" (2019). Master's Theses. 5027.