Cognitive Security and Social Engineering: A Systems-Based Approach

Presented at BSidesLV 2023, Aug. 9, 2023, 2 p.m. (Unknown duration)

Cognitive Security is differentiated from more traditional security domains in three ways. First, cognitive security is concerned with protecting cognitive systems not necessarily humans; second, cognitive security considers multiple dimensions of system interaction, and third cognitive security considers multiple scales of operation. Adopting a "systems" perspective considers the interconnectedness of system elements, the function of the system, and scalability; systems-of-systems which may result in one system influencing another. This can be problematic from a security perspective because an effect might be induced in one system that causes an effect in another system, without the effected having visibility into the original cause. Three scales of engagement: the tactical level (single engagements), the operational level (multiple engagements), and the strategic level (traditional security concerns in addition to political and economic levers); combed with an extended OSI Model which includes Layers 8, 9, and 10 to describe human factors, describes a full stack for cognitive security. In order to successfully launch a cognitive attack, threat actors must achieve the objectives of four phases of a Cognitive Security Attack Cycle: Collection, Preparation, Execution, and finally Exploitation. Each phase of the implies points of vulnerability at which an attack might be disrupted.

Presenters:

• Dr. Ben D. Sawyer
  Dr. Ben D. Sawyer is an applied neuroscientist and human factors engineer known for using brainwaves, eye movements, and mathematical theory to build better human-machine teams. His models and algorithms power trustworthy machines that work with their human partners. His design recommendations are leveraged by Fortune 500 companies. His work has been covered by Forbes, Reuters, Fast Company, and The BBC, and more. Dr. Sawyer's postdoctoral work at MIT was in collaboration with industry including Google, Jaguar-Landrover, Honda, DENSO, Monotype, and Panasonic. A two-time Repperger Research Fellow with the Air Force Research Laboratory (AFRL), he performed research with the 711th Human Performance Wing in both their Applied Neuroscience and Battlefield Acoustics (BATMAN group) divisions. He is a recipient of The Human Factors Prize, for Cybersecurity research, The K.U. Smith Award, for consumer electronics work investigating driving distraction and Google Glass, and an Outstanding Dissertation Award for work investigating the applied psychophysics of warfighter multitasking. Dr. Sawyer is presently faculty in Industrial Engineering and Management Systems and the Institute for Simulation and Training at UCF, and the Director of LabX, an applied neuroscience group addressing human performance.
• Matthew Canham

Links:

• https://www.bsideslv.org/talks#3CFRN8

Similar Presentations:

• DEF CON 25 (2017) / Total Recall: Implanting Passwords in Cognitive Memory
• Diana Initiative 2020 Virtual / A case against “Google it”: A cognitive science approach
• DEF CON 21 (2013) / Hacking Wireless Networks of the Future: Security in Cognitive Radio Networks