Leveraging Human Psychology to Thwart Cyber Attacks

CMU researchers use cognitive AI to get into the mind of the person behind a cyberattack to build stronger defenses for future networks

Carnegie Mellon University

April 5, 2024

According to the Statista website, 5.5 billion malware (malicious software) incursions were detected around the world in 2022. Most cyber defense systems are structured around machine learning, a form of artificial intelligence (AI) that uses data and algorithms to do faster and complex information processing that humans have difficulty doing. It is often used to prevent unwelcome infiltration into a computer network or deflect engaging emails. This approach is effective at the surface level, but it doesn’t address the person engineering the attack.

Cleotilde Gonzalez, research professor in the Department of Social and Decision Sciences at Carnegie Mellon University, aims to address cybersecurity using cognitive modeling, a form of AI directed at using algorithms to imitate humans and to understand the psychology of the cyber adversary.

Gonzalez’s team has partnered with Peraton Labs, an applied research organization that addresses cybersecurity, electronic warfare, mobility, analytics and networking for government and commercial customers worldwide. Recently, Peraton Labs was one of five teams to receive an award from the Intelligence Advanced Research Projects Activity (IARPA), the research and development arm of the Office of the Director of National Intelligence.

“Currently most cyber defenses in the world assume that there is a level of rationality of the attacker,” said Gonzalez. “Right now, none of the programs in existence have given much importance to the psychology of attackers. By bringing in human characteristics, the solutions we provide for cyber defenses will be more effective.”

Read the full story