Toward Explainable Users: Using NLP to Enable AI to Understand Users’ Perceptions of Cyber Attacks

  title={Toward Explainable Users: Using NLP to Enable AI to Understand Users’ Perceptions of Cyber Attacks},
  author={Faranak Abri and Luis Felipe Guti{\'e}rrez and Chaitra Kulkarni and Akbar Siami Namin and Keith S. Jones},
  journal={2021 IEEE 45th Annual Computers, Software, and Applications Conference (COMPSAC)},
To understand how end-users conceptualize consequences of cyber security attacks, we performed a card sorting study, a well-known technique in Cognitive Sciences, where participants were free to group the given consequences of chosen cyber attacks into as many categories as they wished using rationales they see fit. The results of the open card sorting study showed a large amount of inter-participant variation making the research team wonder how the consequences of security attacks were… 

Figures and Tables from this paper



Experimental Evaluations of Expert and Non-expert Computer Users ’ Mental Models of Security Risks

This work is a first experimental step in evaluating the informal, implicit, and unexamined use of mental models in computer security and shows that for a wide range of security risks self-identified security experts and non-experts have quite distinct mental models.

Predicting Consequences of Cyber-Attacks

Machine learning and natural language processing techniques are used to predict the consequences of cyberattacks to enable security researchers to have tools at their disposal that makes it easier to communicate the attack consequences with various stakeholders who may have little to no cybersecurity expertise.

Effectively Communicate Risks for Diverse Users: A Mental-Models Approach for Individualized Security Interventions

A qualitative card-sorting study how lay and expert users assess risks connected to Web sites indicates the diversity of mental models, both between the two groups and between individuals, particularly related to their preferences.

Be Prepared: How US Government Experts Think About Cybersecurity

The experts as a group don’t trust, develop plans and are proactive in their approach to online security and see security as a personal challenge rather than a risky and potentially disrupting experience.

Mental Models of Security Risks

This research shows that for a variety of the security risks self-identified security experts and non-experts have different mental models, and it is proposed that the design of the risk communication methods should be based on the non-expert mental models.

Bridging the Gap in Computer Security Warnings: A Mental Model Approach

A mental model interview study is described to gain insight into how advanced and novice computer users perceive and respond to computer warnings, so developers can leverage the approaches of advanced users to design more effective warnings for novice users.

A comparison of LSA, wordNet and PMI-IR for predicting user click behavior

A comparison of three semantic systems-LSA, WordNet and PMI-IR-to evaluate their performance in predicting the link that people would select given an information goal and a webpage is discussed.

Novices Perform Like Experts on a Closed Card Sort but Not an Open Card Sort

This study compared novice and expert performance on a card sort task under two conditions, an open sort and a closed sort, and found that novices in the closed sort tended to match expert sorting results more closely than in the open sort.

An Introduction to Latent Semantic Analysis

The Latent Semantic Analysis model (Landauer & Dumais, 1997) is a theory for how meaning representations might be learned from encountering large samples of language without explicit directions as to

Ensemble Learning for Detecting Fake Reviews

The application of a number of ensemble learning-based approaches to a collection of fake restaurant reviews that are developed show that these ensemble learning -based approaches detect deceptive information better than conventional machine learning algorithms.