Publication Date

Summer 2019

Degree Type


Degree Name

Master of Arts (MA)




David Schuster


Cyber Security, Human-Computer Interaction, Human Factors, Intrusion Detection Systems, Signal Detection, Situation Awareness

Subject Areas

Psychology; Quantitative psychology


Computer network defense (CND) protects organizations and individuals against cyber threats by monitoring, identifying, analyzing, and defending network infrastructure from infiltration. Network defenders must maintain high levels of cyber situation awareness (CSA) in order to correctly identify and act on threats to the network. Intrusion detection systems (IDSs) are automated systems designed to assist network defenders in building CSA by sifting through network traffic and flagging potential threats. These systems are plagued by high false alarm rates that inhibit the ability of network defenders to build CSA. More capable IDSs have been developed that are capable of increasing the hit rate and lowering the false alarm rate by analyzing gathered network information. The influence of these IDS technologies on CSA has yet to be explored. 172 San Jose State University psychology students performed a signal detection task for intrusion detection to examine whether integrated automation with a multilayered analysis incorporating both liberal and conservative response criteria leads to better CSA than less-integrated, yet liberally responding automation (high hit rates and high false alarm rates) or conservatively responding automation (with low hit rates and low false alarm rates). The IDS condition was manipulated at three levels (liberal, conservative, both). The reliability of the IDSs was manipulated at three levels (60%, 80%, 95%). This study was unable to observe any differences in task performance or CSA for any of the conditions.