Publications

19 Results
Skip to search filters

The Tularosa study: An experimental design and implementation to quantify the effectiveness of cyber deception

Proceedings of the Annual Hawaii International Conference on System Sciences

Ferguson-Walter, Kimberly J.; Shade, Temmie B.; Rogers, Andrew V.; Niedbala, Elizabeth M.; Trumbo, Michael C.; Nauer, Kevin S.; Divis, Kristin; Jones, Aaron P.; Combs, Angela C.; Abbott, Robert G.

The Tularosa study was designed to understand how defensive deception-including both cyber and psychological-affects cyber attackers. Over 130 red teamers participated in a network penetration task over two days in which we controlled both the presence of and explicit mention of deceptive defensive techniques. To our knowledge, this represents the largest study of its kind ever conducted on a professional red team population. The design was conducted with a battery of questionnaires (e.g., experience, personality, etc.) and cognitive tasks (e.g., fluid intelligence, working memory, etc.), allowing for the characterization of a “typical” red teamer, as well as physiological measures (e.g., galvanic skin response, heart rate, etc.) to be correlated with the cyber events. This paper focuses on the design, implementation, data, population characteristics, and begins to examine preliminary results.

More Details

Using Machine Learning in Adversarial Environments

Davis, Warren L.; Dunlavy, Daniel D.; Vorobeychik, Yevgeniy V.; Butler, Karin B.; Forsythe, Chris F.; Letter, Matthew L.; Murchison, Nicole M.; Nauer, Kevin S.

Cyber defense is an asymmetric battle today. We need to understand better what options are available for providing defenders with possible advantages. Our project combines machine learning, optimization, and game theory to obscure our defensive posture from the information the adversaries are able to observe. The main conceptual contribution of this research is to separate the problem of prediction, for which machine learning is used, and the problem of computing optimal operational decisions based on such predictions, coup led with a model of adversarial response. This research includes modeling of the attacker and defender, formulation of useful optimization models for studying adversarial interactions, and user studies to meas ure the impact of the modeling approaches in re alistic settings.

More Details

UVI Cyber-security Workshop Workshop Analysis

Kuykendall, Tommie G.; Allsop, Jacob L.; Anderson, Benjamin R.; boumedine, Marc b.; Carter, Cedric C.; Galvin, Seanmichael Y.; Gonzalez, Oscar G.; Lee, Wellington K.; Lin, Han W.; Morris, Tyler J.; Nauer, Kevin S.; Foehse, Beth A.; Ta, Kim T.; Trasti, Jennifer T.; White, David R.

The cybersecurity consortium, which was established by DOE/NNSA’s Minority Serving Institutions Partnerships Program (MSIPP), allows students from any of the partner schools (13 HBCUs, two national laboratories, and a public school district) to have all consortia options available to them, to create career paths and to open doors to DOE sites and facilities to student members of the consortium. As a part of this year consortium activities, Sandia National Laboratories and the University of Virgin Islands conducted a week long cyber workshop that consisted of three courses; Digital Forensics and Malware Analysis, Python Programming, and ThunderBird Cup. These courses are designed to enhance cyber defense skills and promote learning within STEM related fields.

More Details
19 Results
19 Results