ReSCIND Data Sets

Narrative: General Cyber CogVuln Study

• Evaluated 17+ CogVulns found via established methods in independent, localized cyber decisions (cyber isomorphs)
• 420 participants who passed a cyber knowledge screener
• Psychometric data, questionnaires, timing, and self-reports
• Link to Data Set
• Link to Data Set Cover Sheet

Narrative: Situated Cyber CogVuln Study

• Evaluated Multiple CogVulns in decision points situated within 6 cyber narratives following a cyber attack chain
• 111 cyber expert participants who passed a knowledge screener
• Psychometric data, questionnaires, timing, and self-reports
• Link to Data Set
• Link to Data Set Cover Sheet

Narrative: On-Range Cyber Attack CogVuln Exercise

• Evaluating presence and activation of CogVulns when participants were given broad direction to perform cyber attacks within a rich cyber environment
• # cyber expert participants who passed a knowledge screener
• Demographics, self-reports and psychometric data, and cyber activity (e.g. PCAP, Suricata, keylog, and terminal histories)
• Currently In Progress
• Link to Data Set
• Link to Data Set Cover Sheet - coming soon

Naturalistic Cyber Attack Behavior with Host/Network Manipulations (EXP1)

• 2-day cyber exercise attacking a single network with multiple key objectives and intermittent intelligence about the task
• Host/Network Manipulations include realistic but potentially erroneous information such as mislabeled host names, applications, accounts, or files containing outdated credentials
• 19 red team participants who passed a cyber screening questionnaire
• Screening and demographics, self-reports and psychometric data, PCAP, Suricata, keylog, and terminal histories 
• Link to Data Set
• Link to Data Set Cover Sheet

Naturalistic Cyber Attack Behavior with Host/Network Manipulations (EXP2) 

• 2-day cyber exercise attacking a single network with multiple key objectives and intermittent intelligence about the task
• Host/Network Manipulations include realistic but potentially erroneous information such as mislabeled host names, applications, accounts, or files containing outdated credentials
• 20 red team participants who passed a cyber screening questionnaire
• Screening and demographics, self-reports and psychometric data, PCAP, Suricata, keylog, and terminal histories
• Link to Data Set
• Link to Data Set Cover Sheet

Naturalistic Cyber Attack Behavior with Host/Network Network Manipulations (EXP3)

•  2-day cyber exercise attacking a single network with multiple key objectives and intermittent intelligence about the task
• Host/Network Manipulations include realistic but potentially erroneous information such as mislabeled host names, applications, accounts, or files containing outdated credentials
• 22 red team participants who passed a cyber screening questionnaire
• Screening and demographics, self-reports and psychometric data, PCAP, Suricata, keylog, and terminal histories 
• Link to Data Set
• Link to Data Set Cover Sheet

SaikoCTF: In-Person HITBSec Conference

• HITBSec conference CTF (Aug 26-30 2024, Bangkok, Thailand); each challenge (6) designed to test one CogVuln
• Surveys, cyber activity, screen recordings, physiological data (EEG, ECG, GSR)
• 16 participants from 5 countries
• Link to Data Set
• Link to Data Set Cover Sheet

SaikoCTF: In-Person ECSC Conference

• ECSC conference CTF (Oct 08-11 2024, Turin, Italy); each challenge (6) designed to test one CogVuln
• Surveys, cyber activity, screen recordings, physiological data (EEG, ECG, GSR)
• 60 participants (34 physio) from 23 countries
• Link to Data Set
• Link to Data Set Cover Sheet

SaikoCTF: In-Person EkoParty Conference

• EkoParty conference CTF (Nov 13-15 2024, Buenos Aires, Argentina); each challenge (6) designed to test one CogVuln
• Surveys, cyber activity, screen recordings, physiological data (EEG, ECG, GSR)
• 53 participants (24 physio) from 13 countries
• Link to Data Set
• Link to Data Set Cover Sheet

SaikoCTF: In-Person Lab Cyber Exercise

• Lab-based CTF (6 hour event); each challenge (10) designed to test one CogVuln
• Surveys, cyber data, and screen recordings
• 2 cyber warfare technicians (NIWC Corry Station); 2 students (UWF Cyber Club)
• Link to Data Set
• Link to Data Set Cover Sheet

SaikoCTF: Online Games

• Worldwide online CTF (11 hour event); each challenge (10) designed to test one CogVuln
• Surveys, cyber activity (e.g., pcap, syslog), screen recordings
• Total of 187 participants from 32 countries covering four separate events
• Link to Data Set
• Link to Data Set Cover Sheet

Multi-Country Heuristics Online Study

• Online survey-based measaures of cognitive bias across geographically distributed populations
• Big Five, Portrait Values Questionnaire; C-Test (English language proficiency); CRT-3, GRiPS, ADMC, overclaiming, Assessment of Biases in Cognition (ABC)
• Over 2,100 crowdsourced participants from 78 countries
• Link to Data Set
• Link to Data Set Cover Sheet

Cognitive Task Analysis

• Subject matter expert (SME) semi-structured interviews and domain analysis to understand CTF decision-making and planning processes
• Task Diagrams, goal-directed task analysis, fuzzy cognitive maps, recent case walkthroughs, and CTF challenges
• 5 SME participants
• Link to Data Set
• Link to Data Set Cover Sheet

TEST & EVALUATION