A team of George Mason University researchers is probing the psychology behind cyberattacks as part of a U.S. intelligence community program aimed at turning the tables on hackers.
As the prevalence and severity of cyberattacks continue to grow, the Intelligence Advanced Research Project Activity (IARPA) has turned its focus on how best to exploit the weakest link in cyberattacks: the human factor.
Under a new IARPA program, researchers hope to better understand cyber attackers’ cognitive vulnerabilities and decision-making biases and use those vulnerabilities to derail future attacks.
Researchers Daniel Barbará, Giuseppe Ateniese, and Gerald Matthews were recently selected as part of a broader team of computer science, cybersecurity, and psychology experts to forge new research pathways and deliver cutting-edge technology as part of IARPA’s Reimagining Security with Cyberpsychology-Informed Network Defense, or ReSCIND, program.
The team of researchers will build defensive tools that first cue in on hackers’ human limitations and use those weaknesses to delay or derail the attack while it is underway.
“You want to make them waste their time,” said Barbará, a computer science professor at George Mason’s College of Engineering and Computing. “The more they waste their time, the least damage they’re going to do.”
This can be accomplished by luring hackers with decoys such as false networks or documents to distract them.
But the trick is two-fold. The decoys must first and foremost appear to be real. They also need to entice the hackers away from their original aim. The latter is where understanding the psychological factors that influence hackers is essential.
As part of the first phase of the ReSCIND program, researchers will aim to fill gaps that exist in the current understanding of human cognition and decision making that influence cyber attackers’ behavior.
“It’s a challenging topic to address because hackers, of course, tend to be somewhat secretive,” Matthews, a professor of psychology at George Mason, said. “There aren’t many opportunities to study hacker psychology.”
Matthews said the current understanding of hackers’ behavior that provides the baseline for their research comes from several areas of study in psychology. Key among those areas is human performance and in particular how emotional states might influence performance.
“Hackers themselves are under pressure and potentially anxious about getting caught,” Matthews said. “They’re anxious about looking foolish to the people that they are working with.”
Cultural factors that motivate hackers are also important to consider and may vary greatly among hackers. Thrill-seeking college-age hackers, for example, would have different cultural norms and motives than highly trained professionals acting on behalf of a nation-state adversary, Matthews said.
Researchers hope to further understand the full scope of psychological factors that influence hackers, including how to measure, predict, and induce their cognitive vulnerabilities.
“There’s a certain amount of psychology that allows you to link the emotional reactions that hackers might have to cognitive biases and other vulnerabilities in performance,” Matthews said. “So, in this first part of the research, we’re trying to sketch out what some of those vulnerabilities might be.”
As part of the second phase, researchers will further define when cyberpsychology-informed defenses can best be used and how to determine the success of those defenses. The final phase will focus on modeling, adapting, and automating those defenses.
Ateniese, a computer science professor and eminent scholar in cybersecurity, said the ReSCIND program reflects the growing importance of cyberpsychology research in shaping emerging technology.
“I see a myriad of excellent applications, not just this project,” Ateniese said. “As you can imagine, people today are building AI systems that either mimic or seek to improve upon human behavior. So, the psychology perspective is very intriguing.”
The ReSCIND program will run for nearly four years and is being carried out through research contracts awarded across five teams.
Barbará, Ateniese, and Matthews’ research will contribute to a ReSCIND contract awarded to SRI International, an independent nonprofit research institute headquartered in California.
The George Mason team will work alongside experts from the Florida Institute for Human and Machine Cognition, Margin Research, Research and Assessment Design: Science Solution, Two Six Technologies, University of Florida, and Virtual Reality Medical Center.
In many ways, the project is a natural progression for the three professors who have worked together on several previous projects requiring a multidisciplinary approach.
They were first introduced in 2021 by Amarda Shehu, a computer science professor and co-director at the time of the George Mason’s transdisciplinary Center for Advancing Human-Machine Partnerships (CAHMP).
A call for proposals from Virginia’s Commonwealth Cyber Initiative for a project that sought to bridge cybersecurity and human factors research to help users build secure passwords immediately brought to mind Barbará, Ateniese, and Matthews’ expertise.
“I always had the agenda of putting teams together and finding some funding opportunities so that then they could obtain preliminary results through which to demonstrate credibility for larger projects,” Shehu said.
The match has led to a series of successful projects by the team, including the Commonwealth Cyber Initiative password project and a project focused on distinguishing authentic videos from deepfakes.
“The IARPA project is, in some sense, an example of the culmination of an activity, how you put a team together,” Shehu said. “They find some funding so that they can start that relationship and then that kind of blossoms into a larger project. It's really a perfect example of what we want to see in […] in general at Mason in terms of transdisciplinary research and the fruit of that research.”
Shehu, now associate vice president for research for Mason’s Institute for Digital Innovation, said bringing teams together with broad collective expertise is critical to solving the most complex impediments to technological progress.
“The most challenging problems nowadays don't reside specifically within one discipline,” she said. “They bridge disciplines.”
In This Story
Related Stories
- December 3, 2024
- October 11, 2024
- May 2, 2024
- February 8, 2024
- December 12, 2023
This content appears in the Fall 2024 print edition of the Mason Spirit Magazine with the title "Using Psychology to Defend Against Cyberattacks."