报告题目（Title）: A COGNITIVE PROCESS TRACING APPROACH TO CYBERSECURITY DATA TRIAGE OPERATIONS AUTOMATION（网络安全数据分类自动化的一种认知过程跟踪方法）
报告人（Speaker）: Chen Zhong （仲琛）
单位（Affiliation）: Indiana University at Kokomo（美国印第安纳大学）
As the network monitoring data are usually generated at a rapid speed and contain a lot of noises, cyber security analysts are so far bounded by tedious and repetitive data triage tasks that they can hardly concentrate on in-depth analysis to generate timely and quality incident reports. These difficulties result in a great disparity in force between overwhelmed cyber security analysts and aggressive attackers. Therefore, there is an urgent need to liberate cyber security analysts from the tedious data analytics to focus on the higher-level cyber situational awareness. Aimed at reducing the analysts' workloads, I proposed an approach to capturing and leveraging analysts' previous cognitive processes of data triage. An interactive toolkit, named ARSCA, has been developed as a specific realization of the tracing method. The analysts’ experience knowledge implied by the collected traces were further utilized to construct an automated data triage systems to reduce the analysts’ workload. In conclusion, an initial step had been taken towards leveraging human analysts' previous cognitive processes to facilitate data triage. Its contribution lies in three aspects. The study shows that the proposed tracing method realizes the possibility of tracing human analysts' cognitive processes in a less intrusive manner while analysts are performing cyber security analytics tasks. Besides, the automated data triage system has been shown to be able to construct useful data triage rules from the collected traces to conduct automated data triage operations for analysts in an effective manner.
Chen Zhong is an assistant professor at Indiana University at Kokomo. She received her Ph.D. from the College of Information Sciences and Technology, Pennsylvania State University in 2016. She received the B.S. degree in Computer Science from Nanjing University in 2011. Her research interests include cyber security, artificial intelligence, cognitive modeling, and human-computer interaction. Her work has led to over 10 research papers published and presented at conferences including IEEE IDS, IEEE ISI, IEEE VAST, IEEE CogSIMA, ACM HotSOS, IEEE IDS, and two book chapters. She is a receiver of the GHC Faculty Scholarship in 2017 and was awarded the (ISC)2 Graduate Scholarship in 2015. Her Phd thesis was awarded the First Place in Engineering at the Pennsylvania State University Graduate Exhibition in 2015. Besides, she was awarded two travel grant awards from IEEE CogSIMA, and an Honorable Mention from VAST Challenge 2013. She is a member of ACM, IEEE, Sciene of Security VO, and IEEE Women in Engineering.