U.S. researchers seek to turn the tables on cyber attackers by using their mental weaknesses against them
SAN DIEGO – U.S. intelligence experts are reaching out to industry to find new kinds of cyber defenses by outsmarting computer hackers and by using their psychological weaknesses against them to blunt the effects of cyber attacks.
Officials of the U.S. Naval Information Warfare Center-Pacific (NIWC Pacific) in San Diego issued a broad agency announcement (N66001-23-S-4510) on Tuesday for the Reimagining Security with Cyberpsychology-Informed Network Defenses (ReSCIND) program.
ReSCIND seeks to develop cyber psychology-informed defenses that capitalize on an understanding of attacker's decision-making, human limitations, and cognitive biases to reduce attack effectiveness, and explore methods for manipulating attacker behavior during various phases of a cyber attack.
NIWC-Pacific is working together on the ReSCIND program with the U.S. Intelligence Advanced Research Projects Activity (IARPA) in Washington -- the research arm of the U.S. Director of National Intelligence.
Related: Military cyber security: threats and solutions
There is a vast amount of cognitive and behavioral science research that applies to cyber security defenses, researchers say. The four-year ReSCIND program focuses on inducing or intensifying cognitive biases to thwart cyber attackers through network and host-based technologies.
Rather than just attempting to detect and stop suspicious movement on the network, the project will increase the effort and resources spent by cyber attackers by influencing their decision-making.
The ReSCIND program seeks ways to identify cognitive vulnerabilities of cyber attackers; induce changes in cyber attack behavior; develop cyber psychology-informed defenses for early- and late-stage attacks; create models that predict attacker behavior; and produce adaptive psychology-informed defenses to automate psychology-informed defenses based on observed attacker behavior.
Some of the most sophisticated and persistent cyber attacks are primarily human-driven, yet most cyber defenses do not consider the human attributes and limitations of attackers, researchers point out. Instead, cyber defenses focus on blocking suspicious behavior and few initiate interactions with a suspected attacker to understand their motives and change their behavior.
ReSCIND will enable defenders to use decision-making biases and mental model heuristics that can be intensified and manipulated to impede cyber attackers and disrupt their behavior.
ReSCIND program will impose a cyber penalty on attackers and increase the difficulty for them to achieve their goals. Technical challenges include providing evidence of cognitive vulnerabilities such as attacker biases, cognitive limitations, and emotional state.
Performers will identify vulnerabilities to cyber attackers; carry out designs with cyber-skilled human participants to explore cyber psychology in dynamic cyber attack tasks; produce a cognitive vulnerabilities playbook that analyzes the behaviors and mental states of cyber attackers; develop approaches to exploit cyber attacker cognitive vulnerabilities; predict attacker behavior; and develop bias sensors.
Companies interested should upload proposals no later than 26 May to the IARPA IDEAS website at https://iarpa-ideas.gov.
Email questions or concerns to Kimberly Ferguson-Walter, the ReSCIND program manager, at [email protected]; the Navy's Eric Pomroy at [email protected], or the Navy's Stephen Enokida at [email protected]. More information is online at https://sam.gov/opp/504bdfa570ae46ef97225c126c016bdc/view.
John Keller | Editor-in-Chief
John Keller is the Editor-in-Chief, Military & Aerospace Electronics Magazine--provides extensive coverage and analysis of enabling electronics and optoelectronic technologies in military, space and commercial aviation applications. John has been a member of the Military & Aerospace Electronics staff since 1989 and chief editor since 1995.