Cognitive Augmentation for Network Defense
AIR FORCE INST OF TECH WRIGHT-PATTERSON AFB OH SCHOOL OF ENGINEERING AND MANAGEMENT
Pagination or Media Count:
Traditionally, when a task is considered for automation it is a binary decision, either the task was completely automated or it remains manual. LOA is a departure from the tradition use of automation in cyber defense. When a task is automated, it removes the human administrator from the performance of the task, compromising their SA of the state of the network. When the administrator loses SA of the network performance and its current state, failure recovery time becomes much longer. This is because the administrators must orient themselves to the current state of the network at the time of failure and determine the cause of the failure before repairs or supplemental operations can occur. LOA attempts to mitigate this problem by keeping the administrator engaged in network tasks along side the automation agent. Keeping the administrator aware of both the automated systems performance and the performance of the network, while taking advantage of the automation systems speed and the complex decision making of the administrator. This research applies LOA to computer network defense during cyber attacks. The goal is to find the most efficient LOA that keeps the administrator engaged in the defense of the network while preserving efficiency. The LOA allows the administrator to supplement andor correct the automated system, while the automated system handles the time sensitive events to keep the administrator from being overwhelmed or the network from being compromised.
- Computer Systems Management and Standards
- Defense Systems