ReSCIND Data Sets

ReSCIND Logo 373x278The human subjects research (HSR) studies performed under ReSCIND have amassed a wealth of data including cyber and human psychological data, under differing conditions to measure and record cognitive vulnerabilities and human cyber behavior.

CharlesRiveAnalytics

Loss Aversion—Endowment Effect

  • Cognitive and cyber skills surveys, plus two 1-hour cyber tasks.
  • 34 participants on cyber task with threatened loss of resources.
  • Surveys and skills data; cyber activity, Splunk logs, and session data.

 Representativeness—Base Rate Neglect

  • Cognitive and cyber skills surveys, plus two 1-hour cyber tasks.
  • 34 participants on cyber task with out-of-place vulnerabilities.
  • Surveys and skills data; cyber activity, Splunk logs, and session data.

Confirmation Bias
Anchoring Bias
Asymmetric Dominance

  • Currently in progress....

CharlesRiveAnalytics

Silver Tier Game “Funfair”

  • 1-hour series of funfair-themed games to measure cognitive effects such as risky choice and near miss effect that align with cyber tasks in “Gold” exercise
  • Online undergraduate students and cyber experts
  • Skills test, general (non-cyber) behavioral data

 Gold Tier Cyber Exercise

  • 2-6 hour open CTF with sequenced tasks
  • Online undergraduate students and cyber experts who passed a cyber skills test. Partially overlaps with Silver tier “Funfair” participants
  • Docker and system logs, task tracking, Falco logs, PCAP, Snort & Suricata, and task metrics

 Peraton

Narrative: General Cyber CogVuln Study

  • Cyber narrative with decision points designed to correlate multiple CogVulns to cyber contexts (cyber isomorphs)
  • 420 participants who passed a cyber knowledge screener
  • Psychometric data, questionnaires, timing, and self-reports

Small Scale Cyber Exercise
Large Scale Cyber Exercise

  • Currently In Progress

RTX

Naturalistic Cyber Attack Behavior with Host/Network Manipulations

  • Screening and demographics, self-reports and psychometric data, PCAP, Suricata, keylog, and terminal histories
  • 19 red team participants who passed a cyber screening questionnaire
  • Host/Network Manipulations include realistic but potentially erroneous information such as mislabeled host names, applications, accounts, or files containing outdated credentials
  • 2-day cyber exercise attacking a single network with multiple key objectives and intermittent intelligence about the task

Naturalistic Cyber Attack Behavior

  • Screening and demographics, self-reports and psychometric data, PCAP, Suricata, keylog, and terminal histories
  • 20 red team participants who passed a cyber screening questionnaire
  • 2-day cyber exercise attacking a single network with multiple key objectives and intermittent intelligence about the task

Naturalistic Cyber Attack Behavior with Host/Network Network Manipulations

  • 2-day cyber exercise attacking a single network with multiple key objectives and intermittent intelligence about the task
  • Host/Network Manipulations include realistic but potentially erroneous information such as mislabeled host names, applications, accounts, or files containing outdated credentials
  • 22 red team participants who passed a cyber screening questionnaire
  • Screening and demographics, self-reports and psychometric data, PCAP, Suricata, keylog, and terminal histories

SRI

SaikoCTF: HITBSec Conference

  • Cyber data, physiological data, survey data
  • Cyber conference attendees at HITBSec Conference in Thailand
  • 5 hours of multiple mini CTF events designed to elicit selected CogVulns

SaikoCTF: ECSC Conference

  • 5 hours of multiple mini CTF events designed to elicit selected CogVulns
  • Cyber conference attendees at ECSC Conference in Italy
  • Cyber data, physiological data, survey data

Multi-Country Heuristics Study

  • Online questionnaires and surveys to measure magnitude of cognitive effects and individual differences across geographically distributed populations
  • Over 500 participants from 30 countries worldwide
  • Big Five, GRiPS, ABC, CRT-3, other surveys, and self reports

SaikoCTF: EkoParty Conference

  • 5 hours of multiple mini CTF events designed to elicit selected CogVulns
  • Cyber conference attendees at EkoParty Conference in Argentina
  • Cyber data, physiological data, survey data

SaikoCTF: In-House Lab Cyber Exercise
SaikoCTF: TBD Conference
SaikoCTF: Online Game CTF

  • Currently in progress...