A human-centric cybersecurity training tool for prioritising MSNAs
Cybersecurity analysts are responsible for monitoring and responding to security incidents in computer systems. They constantly need to acquire new skills to detect and mitigate sophisticated attacks such as multi-stage and multi-step network attacks (MSNAs), which can last hours, days and even months. Unfortunately, there is a lack of MSNA datasets on which cybersecurity analysts can train. Moreover, the inherent complexity of these attacks makes it very difficult for analysts to detect them just by reading logs. This work presents a human-centric approach to creating MSNA scenarios for training cybersecurity analysts to detect concurrent MSNAs. To do this, we have designed NetWars to simulate a training scenario for cybersecurity analysts based on the attacks perpetrated by highly skilled teams during Capture the Flag events. During the training, cybersecurity analysts receive multiple concurrent MSNAs from 19 different attackers, and the trainee must decide which attack to prioritize for mitigation given that she has limited resources. We hypothesize that a human-centric cybersecurity approach would help cybersecurity analysts learn to detect MSNAs and evaluate their priorities better than the traditional approach based on the outputs of intrusion detection systems. Results are encouraging. The tool’s adoption also yielded a remarkable 95% success rate in generating accurate answers. The usability of the NetWars prototype was highlighted by the users.
Mon 11 Sep (displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna)
15:30 - 16:30
15:30 | 20m | Talk | Towards an Understanding of Developers’ Perceptions of Transparency in Software Development: A Preliminary Study [Workshop] HCSE-CS | Humphrey Obie (Monash University), Juliet Ukwella (Durham College of Applied Arts & Technology), Kashumi Madampe (Monash University, Australia), John Grundy (Monash University), Mojtaba Shahin (RMIT University, Australia)
15:50 | 20m | Talk | Universal Design for Website Authentication [Workshop] HCSE-CS
16:10 | 20m | Talk | A human-centric cybersecurity training tool for prioritising MSNAs [Workshop] HCSE-CS