{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,8]],"date-time":"2024-09-08T16:12:41Z","timestamp":1725811961021},"reference-count":35,"publisher":"SAGE Publications","issue":"3","license":[{"start":{"date-parts":[[2012,11,6]],"date-time":"2012-11-06T00:00:00Z","timestamp":1352160000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/journals.sagepub.com\/page\/policies\/text-and-data-mining-license"}],"content-domain":{"domain":["journals.sagepub.com"],"crossmark-restriction":true},"short-container-title":["Hum Factors"],"published-print":{"date-parts":[[2013,6]]},"abstract":"Objective: To determine the effects of an adversary\u2019s behavior on the defender\u2019s accurate and timely detection of network threats. Background: Cyber attacks cause major work disruption. It is important to understand how a defender\u2019s behavior (experience and tolerance to threats), as well as adversarial behavior (attack strategy), might impact the detection of threats. In this article, we use cognitive modeling to make predictions regarding these factors. Method: Different model types representing a defender, based on Instance-Based Learning Theory (IBLT), faced different adversarial behaviors. A defender\u2019s model was defined by experience of threats: threat-prone (90% threats and 10% nonthreats) and nonthreat-prone (10% threats and 90% nonthreats); and different tolerance levels to threats: risk-averse (model declares a cyber attack after perceiving one threat out of eight total) and risk-seeking (model declares a cyber attack after perceiving seven threats out of eight total). Adversarial behavior is simulated by considering different attack strategies: patient (threats occur late) and impatient (threats occur early). 
Results: For an impatient strategy, risk-averse models with threat-prone experiences show improved detection compared with risk-seeking models with nonthreat-prone experiences; however, the same is not true for a patient strategy. Conclusions: Based upon model predictions, a defender\u2019s prior threat experiences and his or her tolerance to threats are likely to predict detection accuracy; but considering the nature of adversarial behavior is also important. Application: Decision-support tools that consider the role of a defender\u2019s experience and tolerance to threats along with the nature of adversarial behavior are likely to improve a defender\u2019s overall threat detection.","DOI":"10.1177\/0018720812464045","type":"journal-article","created":{"date-parts":[[2012,11,7]],"date-time":"2012-11-07T08:06:46Z","timestamp":1352275606000},"page":"605-618","update-policy":"http:\/\/dx.doi.org\/10.1177\/sage-journals-update-policy","source":"Crossref","is-referenced-by-count":71,"title":["Cyber Situation Awareness"],"prefix":"10.1177","volume":"55","author":[{"given":"Varun","family":"Dutt","sequence":"first","affiliation":[{"name":"Indian Institute of Technology, Mandi, India"}]},{"given":"Young-Suk","family":"Ahn","sequence":"additional","affiliation":[]},{"given":"Cleotilde","family":"Gonzalez","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, Pennsylvania"}]}],"member":"179","published-online":{"date-parts":[[2012,11,6]]},"reference":[{"key":"bibr1-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-23822-2_23"},{"volume-title":"The atomic components of thought","year":"1998","author":"Anderson J. 
R.","key":"bibr2-0018720812464045"},{"key":"bibr3-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1017\/S0140525X03000128"},{"key":"bibr4-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1017\/S1930297500000334"},{"key":"bibr5-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1017\/S0140525X01003922"},{"key":"bibr6-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-45474-8_6"},{"key":"bibr7-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-22348-8_24."},{"key":"bibr8-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1109\/COGSIMA.2011.5753758"},{"volume-title":"Situational awareness in computer network defense: Principles, methods and applications","author":"Dutt V.","key":"bibr9-0018720812464045"},{"key":"bibr10-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1177\/1071181311551175"},{"key":"bibr11-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1518\/001872095779049543"},{"volume-title":"The mind\u2019s new science: A history of the cognitive revolution","year":"1987","author":"Gardner H.","key":"bibr12-0018720812464045"},{"key":"bibr13-0018720812464045","unstructured":"Gibson O. (2011, January 19). London 2012 Olympics faces increased cyber attack threat. The Guardian. 
Retrieved from http:\/\/www.guardian.co.uk\/uk\/2011\/jan\/19\/london-2012-olympics-cyber-attack"},{"key":"bibr14-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9781139049580.013"},{"key":"bibr15-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1037\/a0024558"},{"key":"bibr16-0018720812464045","doi-asserted-by":"publisher","DOI":"10.3390\/g2010136"},{"key":"bibr17-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1016\/S0364-0213(03)00031-4"},{"key":"bibr18-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1111\/j.0956-7976.2004.00715.x"},{"key":"bibr19-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1016\/0010-0285(92)90002-J"},{"key":"bibr20-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4419-0140-8"},{"volume-title":"How we reason","year":"2006","author":"Johnson-Laird P.","key":"bibr21-0018720812464045"},{"key":"bibr22-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1002\/bdm.722"},{"key":"bibr23-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1037\/1076-898X.8.2.75"},{"key":"bibr24-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1201\/9780203490426"},{"key":"bibr25-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586144"},{"key":"bibr26-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180446"},{"key":"bibr27-0018720812464045","unstructured":"PSU. (2011). Center for cyber-security, information privacy, and trust. Retrieved from http:\/\/cybersecurity.ist.psu.edu\/research.php"},{"key":"bibr28-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1145\/310889.310900"},{"key":"bibr29-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1007\/BF02289630"},{"key":"bibr30-0018720812464045","unstructured":"Sideman A. (2011). Agencies must determine computer security teams in face of potential federal shutdown. 
Retrieved from http:\/\/fcw.com\/articles\/2011\/02\/23\/agencies-must-determine-computer-security-teams-in-face-of-shutdown.aspx"},{"volume-title":"Organizations","year":"1958","author":"Simon H. A.","key":"bibr31-0018720812464045"},{"key":"bibr32-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1117\/12.665763"},{"key":"bibr33-0018720812464045","unstructured":"White House, Office of the Press Secretary. (2011). Remarks by the President on securing our nation\u2019s cyber infrastructure. Retrieved from http:\/\/www.whitehouse.gov\/the_press_office\/Remarks-by-the-President-on-Securing-Our-Nations-Cyber-Infrastructure\/"},{"key":"bibr34-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1093\/acprof:oso\/9780195092509.001.0001"},{"key":"bibr35-0018720812464045","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2010.5544924"}],"container-title":["Human Factors: The Journal of the Human Factors and Ergonomics Society"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.1177\/0018720812464045","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/full-xml\/10.1177\/0018720812464045","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.1177\/0018720812464045","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,6]],"date-time":"2024-09-06T22:35:43Z","timestamp":1725662143000},"score":1,"resource":{"primary":{"URL":"https:\/\/journals.sagepub.com\/doi\/10.1177\/0018720812464045"}},"subtitle":["Modeling Detection of Cyber Attacks With Instance-Based Learning 
Theory"],"short-title":[],"issued":{"date-parts":[[2012,11,6]]},"references-count":35,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2013,6]]}},"alternative-id":["10.1177\/0018720812464045"],"URL":"https:\/\/doi.org\/10.1177\/0018720812464045","relation":{},"ISSN":["0018-7208","1547-8181"],"issn-type":[{"type":"print","value":"0018-7208"},{"type":"electronic","value":"1547-8181"}],"subject":[],"published":{"date-parts":[[2012,11,6]]}}}