Matching Items (8)
Filtering by
- All Subjects: Teamwork
- All Subjects: Cyber Security
- Creators: Cooke, Nancy J.
Description
Although current urban search and rescue (USAR) robots are little more than remotely controlled cameras, the end goal is for them to work alongside humans as trusted teammates. Natural language communications and performance data are collected as a team of humans works to carry out a simulated search and rescue task in an uncertain virtual environment. Conditions are tested emulating a remotely controlled robot versus an intelligent one. Differences in performance, situation awareness, trust, workload, and communications are measured. The Intelligent robot condition resulted in higher levels of performance and operator situation awareness (SA).
ContributorsBartlett, Cade Earl (Author) / Cooke, Nancy J. (Thesis advisor) / Kambhampati, Subbarao (Committee member) / Wu, Bing (Committee member) / Arizona State University (Publisher)
Created2015
Description
This thesis describes a synthetic task environment, CyberCog, created for the purposes of 1) understanding and measuring individual and team situation awareness in the context of a cyber security defense task and 2) providing a context for evaluating algorithms, visualizations, and other interventions that are intended to improve cyber situation awareness. CyberCog provides an interactive environment for conducting human-in-loop experiments in which the participants of the experiment perform the tasks of a cyber security defense analyst in response to a cyber-attack scenario. CyberCog generates the necessary performance measures and interaction logs needed for measuring individual and team cyber situation awareness. Moreover, the CyberCog environment provides good experimental control for conducting effective situation awareness studies while retaining realism in the scenario and in the tasks performed.
ContributorsRajivan, Prashanth (Author) / Femiani, John (Thesis advisor) / Cooke, Nancy J. (Thesis advisor) / Lindquist, Timothy (Committee member) / Gary, Kevin (Committee member) / Arizona State University (Publisher)
Created2011
Description
The American Heart Association (AHA) estimates that there are approximately 200,000 in-hospital cardiac arrests (IHCA) annually with low rates of survival to discharge at about 22%. Training programs for cardiac arrest teams, also termed code teams, have been recommended by the Institute of Medicine (IOM) and in the AHA's consensus statement to help improve these dismal survival rates. Historically, training programs in the medical field are procedural in nature and done at the individual level, despite the fact that healthcare providers frequently work in teams. The rigidity of procedural training can cause habituation and lead to poor team performance if the situation does not match the original training circumstances. Despite the need for team training, factors such as logistics, time, personnel coordination, and financial constraints often hinder resuscitation team training. This research was a three-step process of: 1) development of a metric specific for the evaluation of code team performance, 2) development of a communication model that targeted communication and leadership during a code blue resuscitation, and 3) training and evaluation of the code team leader using the communication model. This research forms a basis to accomplish a broad vision of improving outcomes of IHCA events by applying conceptual and methodological strategies learned from collaborative and inter-disciplinary science of teams.
ContributorsHinski, Sandra T. (Author) / Cooke, Nancy J. (Thesis advisor) / Roscoe, Rod (Committee member) / Bekki, Jennifer (Committee member) / Arizona State University (Publisher)
Created2017
Description
Reasoning about the activities of cyber threat actors is critical to defend against cyber
attacks. However, this task is difficult for a variety of reasons. In simple terms, it is difficult
to determine who the attacker is, what the desired goals are of the attacker, and how they will
carry out their attacks. These three questions essentially entail understanding the attacker’s
use of deception, the capabilities available, and the intent of launching the attack. These
three issues are highly inter-related. If an adversary can hide their intent, they can better
deceive a defender. If an adversary’s capabilities are not well understood, then determining
what their goals are becomes difficult as the defender is uncertain if they have the necessary
tools to accomplish them. However, the understanding of these aspects are also mutually
supportive. If we have a clear picture of capabilities, intent can better be deciphered. If we
understand intent and capabilities, a defender may be able to see through deception schemes.
In this dissertation, I present three pieces of work to tackle these questions to obtain
a better understanding of cyber threats. First, we introduce a new reasoning framework
to address deception. We evaluate the framework by building a dataset from DEFCON
capture-the-flag exercise to identify the person or group responsible for a cyber attack.
We demonstrate that the framework not only handles cases of deception but also provides
transparent decision making in identifying the threat actor. The second task uses a cognitive
learning model to determine the intent – goals of the threat actor on the target system.
The third task looks at understanding the capabilities of threat actors to target systems by
identifying at-risk systems from hacker discussions on darkweb websites. To achieve this
task we gather discussions from more than 300 darkweb websites relating to malicious
hacking.
attacks. However, this task is difficult for a variety of reasons. In simple terms, it is difficult
to determine who the attacker is, what the desired goals are of the attacker, and how they will
carry out their attacks. These three questions essentially entail understanding the attacker’s
use of deception, the capabilities available, and the intent of launching the attack. These
three issues are highly inter-related. If an adversary can hide their intent, they can better
deceive a defender. If an adversary’s capabilities are not well understood, then determining
what their goals are becomes difficult as the defender is uncertain if they have the necessary
tools to accomplish them. However, the understanding of these aspects are also mutually
supportive. If we have a clear picture of capabilities, intent can better be deciphered. If we
understand intent and capabilities, a defender may be able to see through deception schemes.
In this dissertation, I present three pieces of work to tackle these questions to obtain
a better understanding of cyber threats. First, we introduce a new reasoning framework
to address deception. We evaluate the framework by building a dataset from DEFCON
capture-the-flag exercise to identify the person or group responsible for a cyber attack.
We demonstrate that the framework not only handles cases of deception but also provides
transparent decision making in identifying the threat actor. The second task uses a cognitive
learning model to determine the intent – goals of the threat actor on the target system.
The third task looks at understanding the capabilities of threat actors to target systems by
identifying at-risk systems from hacker discussions on darkweb websites. To achieve this
task we gather discussions from more than 300 darkweb websites relating to malicious
hacking.
ContributorsNunes, Eric (Author) / Shakarian, Paulo (Thesis advisor) / Ahn, Gail-Joon (Committee member) / Baral, Chitta (Committee member) / Cooke, Nancy J. (Committee member) / Arizona State University (Publisher)
Created2018
Description
Intelligence analysts’ work has become progressively complex due to increasing security threats and data availability. In order to study “big” data exploration within the intelligence domain the intelligence analyst task was abstracted and replicated in a laboratory (controlled environment). Participants used a computer interface and movie database to determine the opening weekend gross movie earnings of three pre-selected movies. Data consisted of Twitter tweets and predictive models. These data were displayed in various formats such as graphs, charts, and text. Participants used these data to make their predictions. It was expected that teams (a team is a group with members who have different specialties and who work interdependently) would outperform individuals and groups. That is, teams would be significantly better at predicting “Opening Weekend Gross” than individuals or groups. Results indicated that teams outperformed individuals and groups in the first prediction, under performed in the second prediction, and performed better than individuals in the third prediction (but not better than groups). Insights and future directions are discussed.
ContributorsBuchanan, Verica (Author) / Cooke, Nancy J. (Thesis advisor) / Maciejewski, Ross (Committee member) / Craig, Scotty D. (Committee member) / Arizona State University (Publisher)
Created2016
Description
The goal of this experiment is to observe the relation between synchrony and performance in 3-person teams in a simulated Army medic training environment (i.e., Monitoring Extracting and Decoding Indicators of Cognitive workload: MEDIC). The cardiac measure Interbeat-Interval (IBI) was monitored during a physically oriented, and a cognitively oriented task. IBI was measured using NIRS (Near-Infrared Spectrology), and performance was measured using a team task score during a balance board and puzzle task. Synchrony has not previously been monitored across completely different tasks in the same experiment. I hypothesize that teams with high synchrony will show high performance on both tasks. Although no significant results were discovered by the correlational analysis, a trend was revealed that suggests there is a positive relationship between synchrony and performance. This study has contributed to the literature by monitoring physiological measures in a simulated team training environment, making suggestions for future research.
ContributorsFedele, Michael A (Author) / Cooke, Nancy J. (Thesis advisor) / Gray, Rob (Committee member) / Roscoe, Rod (Committee member) / Arizona State University (Publisher)
Created2016
Description
Despite the prevalence of teams in complex sociotechnical systems, current approaches to understanding workload tend to focus on the individual operator. However, research suggests that team workload has emergent properties and is not necessarily equivalent to the aggregate of individual workload. Assessment of communications provides a means of examining aspects of team workload in highly interdependent teams. This thesis set out to explore how communications are associated with team workload and performance under high task demand in all-human and human–autonomy teams in a command and control task. A social network analysis approach was used to analyze the communications of 30 different teams, each with three members operating in a command and control task environment of over a series of five missions. Teams were assigned to conditions differentiated by their composition with either a naïve participant, a trained confederate, or a synthetic agent in the pilot role. Social network analysis measures of centralization and intensity were used to assess differences in communications between team types and under different levels of demand, and relationships between communication measures, performance, and workload distributions were also examined. Results indicated that indegree centralization was greater in the all-human control teams than in the other team types, but degree centrality standard deviation and intensity were greatest in teams with a highly trained experimenter pilot. In all three team types, the intensity of communications and degree centrality standard deviation appeared to decrease during the high demand mission, but indegree and outdegree centralization did not. Higher communication intensity was associated with more efficient target processing and more successful target photos per mission, but a clear relationship between measures of performance and decentralization of communications was not found.
ContributorsJohnson, Craig Jonathon (Author) / Cooke, Nancy J. (Thesis advisor) / Gray, Robert (Committee member) / Gutzwiller, Robert S (Committee member) / Arizona State University (Publisher)
Created2020
Description
Cyber threats are growing in number and sophistication making it important to continually study and improve all dimensions of cyber defense. Human teamwork in cyber defense analysis has been overlooked even though it has been identified as an important predictor of cyber defense performance. Also, to detect advanced forms of threats effective information sharing and collaboration between the cyber defense analysts becomes imperative. Therefore, through this dissertation work, I took a cognitive engineering approach to investigate and improve cyber defense teamwork. The approach involved investigating a plausible team-level bias called the information pooling bias in cyber defense analyst teams conducting the detection task that is part of forensics analysis through human-in-the-loop experimentation. The approach also involved developing agent-based models based on the experimental results to explore the cognitive underpinnings of this bias in human analysts. A prototype collaborative visualization tool was developed by considering the plausible cognitive limitations contributing to the bias to investigate whether a cognitive engineering-driven visualization tool can help mitigate the bias in comparison to off-the-shelf tools. It was found that participant teams conducting the collaborative detection tasks as part of forensics analysis, experience the information pooling bias affecting their performance. Results indicate that cognitive friendly visualizations can help mitigate the effect of this bias in cyber defense analysts. Agent-based modeling produced insights on internal cognitive processes that might be contributing to this bias which could be leveraged in building future visualizations. This work has multiple implications including the development of new knowledge about the science of cyber defense teamwork, a demonstration of the advantage of developing tools using a cognitive engineering approach, a demonstration of the advantage of using a hybrid cognitive engineering methodology to study teams in general and finally, a demonstration of the effect of effective teamwork on cyber defense performance.
ContributorsRajivan, Prashanth (Author) / Cooke, Nancy J. (Thesis advisor) / Ahn, Gail-Joon (Committee member) / Janssen, Marcus (Committee member) / Arizona State University (Publisher)
Created2014