IARPA researching cyberattack defense using psychology

The Intelligence Advanced Research Projects Activity, or IARPA, is looking to “hack the hackers” using hackers’ cognitive biases to help defend against cyberattacks, according to FCW. The agency is researching how to create and leverage algorithms that would “psych out” the hackers or attackers themselves, by turning their “innate decision-making biases and cognitive vulnerabilities” against them.

IARPA “invests in high-risk, high-payoff research programs to tackle some of the most difficult challenges of the agencies and disciplines in the Intelligence Community (IC),” according to the agency’s website.

IARPA is planning to hold a security event next month in San Diego to explore this possibility. The IARPA Reimagining Security with Cyberpsychology-Informed Network Defenses, or ReSCIND, program will hold a day for applicants to participate in five-minute lightning talks on February 28.

The talks will focus on how human psychological limitations can be identified, measured, and influenced—and ultimately automated—to counter cyberattack behavior.

From the ReSCIND program website:

ReSCIND seeks to develop novel methods to: 1) identify and model human limitations or cognitive biases relevant to cyber attack behavior, 2) understand, measure, and induce changes in cyber attack behavior and success, and 3) provide algorithms for automated adaptation of these solutions based on observed cyber attacker behavior.

According to a 2019 paper by researchers at Arizona State University, the Laboratory for Advanced Cybersecurity Research and the Naval Information Warfare Center, one way to achieve this goal is by deploying a strategy known as Oppositional Human Factors. 

“OHF is based on flipping recommendations and techniques that normally improve behavior or usability, in order to disrupt attacker cognition,” the paper said. “The attack surface which defenders must protect is growing untenably vast. Attackers are very persistent, and in cyber defense, any realized reduction in threat (including delay) is a success.”


Discover more from Cybersecurity Careers Blog

Subscribe to get the latest posts sent to your email.