Development and validation of the Air Force Cyber Intruder Alert Testbed (CIAT)

Gregory Funke; Gregory Dye; Brett Borghetti; Vincent Mancuso; Eric Greenlee; Brent Miller; Lauren Menke; Rebecca Brown; Alex Vieane

doi:10.1007/978-3-319-41932-9_30

Development and validation of the Air Force Cyber Intruder Alert Testbed (CIAT)

Gregory Funke, Gregory Dye, Brett Borghetti, Vincent Mancuso, Eric Greenlee, Brent Miller, Lauren Menke, Rebecca Brown, Alex Vieane

Psychological Sciences

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

Presently, cyber defense heavily relies on human network analysts who must detect and investigate potential suspicious activity, a demanding, fatiguing process that takes a heavy toll on human operators. Given the criticality of these operators to cyber defense, research is needed to investigate and mitigate the sources of those challenges. Currently, few cyber-focused synthetic task environments (STEs) exist, and those that do are not well suited to investigate the problems of network analysts. Therefore, a new cyber STE focused on network analysts called the Air Force Cyber Intruder Alert Testbed (CIAT) was developed. This STE was designed to emulate key functions of Enterprise-level cyber defense platforms. Specifically, CIAT simulates a network analyst environment, including an intrusion detection system, signature database, packet capture software, and network list. The purpose of this paper is to describe the development and validation of the CIAT STE.

Original language	English
Title of host publication	Advances in Human Factors in Cybersecurity - Proceedings of the AHFE International Conference on Human Factors in Cybersecurity, 2016
Editors	Denise Nicholson
Publisher	Springer-Verlag
Pages	363-376
Number of pages	14
ISBN (Print)	9783319419312
DOIs	https://doi.org/10.1007/978-3-319-41932-9_30
State	Published - 2016
Event	International Conference on Human Factors in Cybersecurity, 2016 - Walt Disney World, United States Duration: Jul 27 2016 → Jul 31 2016

Publication series

Name	Advances in Intelligent Systems and Computing
Volume	501
ISSN (Print)	2194-5357

Conference

Conference	International Conference on Human Factors in Cybersecurity, 2016
Country/Territory	United States
City	Walt Disney World
Period	07/27/16 → 07/31/16

Keywords

Cyber defense
IMPRINT
Network analyst
Synthetic task environment

Access to Document

10.1007/978-3-319-41932-9_30

Cite this

Funke, G., Dye, G., Borghetti, B., Mancuso, V., Greenlee, E., Miller, B., Menke, L., Brown, R., & Vieane, A. (2016). Development and validation of the Air Force Cyber Intruder Alert Testbed (CIAT). In D. Nicholson (Ed.), Advances in Human Factors in Cybersecurity - Proceedings of the AHFE International Conference on Human Factors in Cybersecurity, 2016 (pp. 363-376). (Advances in Intelligent Systems and Computing; Vol. 501). Springer-Verlag. https://doi.org/10.1007/978-3-319-41932-9_30

Funke, Gregory ; Dye, Gregory ; Borghetti, Brett et al. / Development and validation of the Air Force Cyber Intruder Alert Testbed (CIAT). Advances in Human Factors in Cybersecurity - Proceedings of the AHFE International Conference on Human Factors in Cybersecurity, 2016. editor / Denise Nicholson. Springer-Verlag, 2016. pp. 363-376 (Advances in Intelligent Systems and Computing).

@inproceedings{25221104d7f44132aec5ffb5c3735e8f,

title = "Development and validation of the Air Force Cyber Intruder Alert Testbed (CIAT)",

abstract = "Presently, cyber defense heavily relies on human network analysts who must detect and investigate potential suspicious activity, a demanding, fatiguing process that takes a heavy toll on human operators. Given the criticality of these operators to cyber defense, research is needed to investigate and mitigate the sources of those challenges. Currently, few cyber-focused synthetic task environments (STEs) exist, and those that do are not well suited to investigate the problems of network analysts. Therefore, a new cyber STE focused on network analysts called the Air Force Cyber Intruder Alert Testbed (CIAT) was developed. This STE was designed to emulate key functions of Enterprise-level cyber defense platforms. Specifically, CIAT simulates a network analyst environment, including an intrusion detection system, signature database, packet capture software, and network list. The purpose of this paper is to describe the development and validation of the CIAT STE.",

keywords = "Cyber defense, IMPRINT, Network analyst, Synthetic task environment",

author = "Gregory Funke and Gregory Dye and Brett Borghetti and Vincent Mancuso and Eric Greenlee and Brent Miller and Lauren Menke and Rebecca Brown and Alex Vieane",

note = "Publisher Copyright: {\textcopyright} Springer International Publishing Switzerland 2016.; International Conference on Human Factors in Cybersecurity, 2016 ; Conference date: 27-07-2016 Through 31-07-2016",

year = "2016",

doi = "10.1007/978-3-319-41932-9_30",

language = "English",

isbn = "9783319419312",

series = "Advances in Intelligent Systems and Computing",

publisher = "Springer-Verlag",

pages = "363--376",

editor = "Denise Nicholson",

booktitle = "Advances in Human Factors in Cybersecurity - Proceedings of the AHFE International Conference on Human Factors in Cybersecurity, 2016",

}

Funke, G, Dye, G, Borghetti, B, Mancuso, V, Greenlee, E, Miller, B, Menke, L, Brown, R & Vieane, A 2016, Development and validation of the Air Force Cyber Intruder Alert Testbed (CIAT). in D Nicholson (ed.), Advances in Human Factors in Cybersecurity - Proceedings of the AHFE International Conference on Human Factors in Cybersecurity, 2016. Advances in Intelligent Systems and Computing, vol. 501, Springer-Verlag, pp. 363-376, International Conference on Human Factors in Cybersecurity, 2016, Walt Disney World, United States, 07/27/16. https://doi.org/10.1007/978-3-319-41932-9_30

Development and validation of the Air Force Cyber Intruder Alert Testbed (CIAT). / Funke, Gregory; Dye, Gregory; Borghetti, Brett et al.
Advances in Human Factors in Cybersecurity - Proceedings of the AHFE International Conference on Human Factors in Cybersecurity, 2016. ed. / Denise Nicholson. Springer-Verlag, 2016. p. 363-376 (Advances in Intelligent Systems and Computing; Vol. 501).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Development and validation of the Air Force Cyber Intruder Alert Testbed (CIAT)

AU - Funke, Gregory

AU - Dye, Gregory

AU - Borghetti, Brett

AU - Mancuso, Vincent

AU - Greenlee, Eric

AU - Miller, Brent

AU - Menke, Lauren

AU - Brown, Rebecca

AU - Vieane, Alex

N1 - Publisher Copyright: © Springer International Publishing Switzerland 2016.

PY - 2016

Y1 - 2016

N2 - Presently, cyber defense heavily relies on human network analysts who must detect and investigate potential suspicious activity, a demanding, fatiguing process that takes a heavy toll on human operators. Given the criticality of these operators to cyber defense, research is needed to investigate and mitigate the sources of those challenges. Currently, few cyber-focused synthetic task environments (STEs) exist, and those that do are not well suited to investigate the problems of network analysts. Therefore, a new cyber STE focused on network analysts called the Air Force Cyber Intruder Alert Testbed (CIAT) was developed. This STE was designed to emulate key functions of Enterprise-level cyber defense platforms. Specifically, CIAT simulates a network analyst environment, including an intrusion detection system, signature database, packet capture software, and network list. The purpose of this paper is to describe the development and validation of the CIAT STE.

AB - Presently, cyber defense heavily relies on human network analysts who must detect and investigate potential suspicious activity, a demanding, fatiguing process that takes a heavy toll on human operators. Given the criticality of these operators to cyber defense, research is needed to investigate and mitigate the sources of those challenges. Currently, few cyber-focused synthetic task environments (STEs) exist, and those that do are not well suited to investigate the problems of network analysts. Therefore, a new cyber STE focused on network analysts called the Air Force Cyber Intruder Alert Testbed (CIAT) was developed. This STE was designed to emulate key functions of Enterprise-level cyber defense platforms. Specifically, CIAT simulates a network analyst environment, including an intrusion detection system, signature database, packet capture software, and network list. The purpose of this paper is to describe the development and validation of the CIAT STE.

KW - Cyber defense

KW - IMPRINT

KW - Network analyst

KW - Synthetic task environment

UR - http://www.scopus.com/inward/record.url?scp=84986301140&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-41932-9_30

DO - 10.1007/978-3-319-41932-9_30

M3 - Conference contribution

AN - SCOPUS:84986301140

SN - 9783319419312

T3 - Advances in Intelligent Systems and Computing

SP - 363

EP - 376

BT - Advances in Human Factors in Cybersecurity - Proceedings of the AHFE International Conference on Human Factors in Cybersecurity, 2016

A2 - Nicholson, Denise

PB - Springer-Verlag

T2 - International Conference on Human Factors in Cybersecurity, 2016

Y2 - 27 July 2016 through 31 July 2016

ER -

Funke G, Dye G, Borghetti B, Mancuso V, Greenlee E, Miller B et al. Development and validation of the Air Force Cyber Intruder Alert Testbed (CIAT). In Nicholson D, editor, Advances in Human Factors in Cybersecurity - Proceedings of the AHFE International Conference on Human Factors in Cybersecurity, 2016. Springer-Verlag. 2016. p. 363-376. (Advances in Intelligent Systems and Computing). doi: 10.1007/978-3-319-41932-9_30

Development and validation of the Air Force Cyber Intruder Alert Testbed (CIAT)

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this