idsNETS: An experimental platform to study situation awareness for intrusion detection analysts

Vincent F. Mancuso; Dev Minotra; Nicklaus Giacobe; Michael McNeese; Michael Tyworth

doi:10.1109/CogSIMA.2012.6188411

idsNETS: An experimental platform to study situation awareness for intrusion detection analysts

Vincent F. Mancuso, Dev Minotra, Nicklaus Giacobe, Michael McNeese, Michael Tyworth

College of Information Sciences and Technology

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

20 Scopus citations

Abstract

In this paper we present a new human-in-the-loop simulation designed to help better understand the role of the human in a cyber-analysis task. Based on qualitative research, previous literature within cyber security, and our experience creating simulations, we built a new system, idsNETS, which is capable of simulating both the environment and data that is present in a cyber-security intrusion detection task. This simulation, which is the first built upon the NeoCITIES Experimental Task Simulator (NETS), was implemented to mimic the task of an intrusion detection analyst. From this work, we present an overview of the scaled-world definitions, the NETS Simulation Engine, and the Simulation User Interface, as well as discuss how this simulation can be leveraged to measure situation awareness in cyber security. Finally we discuss the future research that the idsNETS system will enable us to conduct.

Original language	English (US)
Title of host publication	2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012
Pages	73-79
Number of pages	7
DOIs	https://doi.org/10.1109/CogSIMA.2012.6188411
State	Published - 2012
Event	2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012 - New Orleans, LA, United States Duration: Mar 6 2012 → Mar 8 2012

Publication series

Name	2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012

Other

Other	2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012
Country/Territory	United States
City	New Orleans, LA
Period	3/6/12 → 3/8/12

All Science Journal Classification (ASJC) codes

Information Systems and Management

Access to Document

10.1109/CogSIMA.2012.6188411

Cite this

Mancuso, V. F., Minotra, D., Giacobe, N., McNeese, M., & Tyworth, M. (2012). idsNETS: An experimental platform to study situation awareness for intrusion detection analysts. In 2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012 (pp. 73-79). Article 6188411 (2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012). https://doi.org/10.1109/CogSIMA.2012.6188411

Mancuso, Vincent F. ; Minotra, Dev ; Giacobe, Nicklaus et al. / idsNETS : An experimental platform to study situation awareness for intrusion detection analysts. 2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012. 2012. pp. 73-79 (2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012).

@inproceedings{ce7be2812b59454cae635762af9c997e,

title = "idsNETS: An experimental platform to study situation awareness for intrusion detection analysts",

abstract = "In this paper we present a new human-in-the-loop simulation designed to help better understand the role of the human in a cyber-analysis task. Based on qualitative research, previous literature within cyber security, and our experience creating simulations, we built a new system, idsNETS, which is capable of simulating both the environment and data that is present in a cyber-security intrusion detection task. This simulation, which is the first built upon the NeoCITIES Experimental Task Simulator (NETS), was implemented to mimic the task of an intrusion detection analyst. From this work, we present an overview of the scaled-world definitions, the NETS Simulation Engine, and the Simulation User Interface, as well as discuss how this simulation can be leveraged to measure situation awareness in cyber security. Finally we discuss the future research that the idsNETS system will enable us to conduct.",

author = "Mancuso, {Vincent F.} and Dev Minotra and Nicklaus Giacobe and Michael McNeese and Michael Tyworth",

year = "2012",

doi = "10.1109/CogSIMA.2012.6188411",

language = "English (US)",

isbn = "9781467303453",

series = "2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012",

pages = "73--79",

booktitle = "2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012",

note = "2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012 ; Conference date: 06-03-2012 Through 08-03-2012",

}

Mancuso, VF, Minotra, D, Giacobe, N, McNeese, M & Tyworth, M 2012, idsNETS: An experimental platform to study situation awareness for intrusion detection analysts. in 2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012., 6188411, 2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012, pp. 73-79, 2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012, New Orleans, LA, United States, 3/6/12. https://doi.org/10.1109/CogSIMA.2012.6188411

idsNETS: An experimental platform to study situation awareness for intrusion detection analysts. / Mancuso, Vincent F.; Minotra, Dev; Giacobe, Nicklaus et al.
2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012. 2012. p. 73-79 6188411 (2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - idsNETS

T2 - 2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012

AU - Mancuso, Vincent F.

AU - Minotra, Dev

AU - Giacobe, Nicklaus

AU - McNeese, Michael

AU - Tyworth, Michael

PY - 2012

Y1 - 2012

N2 - In this paper we present a new human-in-the-loop simulation designed to help better understand the role of the human in a cyber-analysis task. Based on qualitative research, previous literature within cyber security, and our experience creating simulations, we built a new system, idsNETS, which is capable of simulating both the environment and data that is present in a cyber-security intrusion detection task. This simulation, which is the first built upon the NeoCITIES Experimental Task Simulator (NETS), was implemented to mimic the task of an intrusion detection analyst. From this work, we present an overview of the scaled-world definitions, the NETS Simulation Engine, and the Simulation User Interface, as well as discuss how this simulation can be leveraged to measure situation awareness in cyber security. Finally we discuss the future research that the idsNETS system will enable us to conduct.

AB - In this paper we present a new human-in-the-loop simulation designed to help better understand the role of the human in a cyber-analysis task. Based on qualitative research, previous literature within cyber security, and our experience creating simulations, we built a new system, idsNETS, which is capable of simulating both the environment and data that is present in a cyber-security intrusion detection task. This simulation, which is the first built upon the NeoCITIES Experimental Task Simulator (NETS), was implemented to mimic the task of an intrusion detection analyst. From this work, we present an overview of the scaled-world definitions, the NETS Simulation Engine, and the Simulation User Interface, as well as discuss how this simulation can be leveraged to measure situation awareness in cyber security. Finally we discuss the future research that the idsNETS system will enable us to conduct.

UR - http://www.scopus.com/inward/record.url?scp=84861130034&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84861130034&partnerID=8YFLogxK

U2 - 10.1109/CogSIMA.2012.6188411

DO - 10.1109/CogSIMA.2012.6188411

M3 - Conference contribution

AN - SCOPUS:84861130034

SN - 9781467303453

T3 - 2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012

SP - 73

EP - 79

BT - 2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012

Y2 - 6 March 2012 through 8 March 2012

ER -

Mancuso VF, Minotra D, Giacobe N, McNeese M, Tyworth M. idsNETS: An experimental platform to study situation awareness for intrusion detection analysts. In 2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012. 2012. p. 73-79. 6188411. (2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2012). doi: 10.1109/CogSIMA.2012.6188411

idsNETS: An experimental platform to study situation awareness for intrusion detection analysts

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this