Cyber network analysts must gather evidence from multiple sources and ultimately decide whether or not suspicious activity represents a threat to network security. Information relevant to this task is usually presented in an uncoordinated fashion, meaning analysts must manually correlate data across multiple databases. The current experiment examined whether analyst performance efficiency would be improved by coordinated displays, i.e., displays that automatically link relevant information across databases. We found that coordinated displays nearly doubled performance efficiency, in contrast to the standard uncoordinated displays, and coordinated displays resulted in a modest increase in threat detections. These results demonstrate that the benefits of coordinated displays are significant enough to recommend their inclusion in future cyber defense software.
|Number of pages||5|
|Journal||Proceedings of the Human Factors and Ergonomics Society|
|State||Published - 2016|
|Event||Human Factors and Ergonomics Society 2016 International Annual Meeting, HFES 2016 - Washington, United States|
Duration: Sep 19 2016 → Sep 23 2016