How to use experience in cyber analysis: An analytical reasoning support system

Chen Zhong, Deepak S. Kirubakaran, John Yen, Peng Liu, Steve Hutchinson, Hasan Cam

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Scopus citations

Abstract

Cyber analysis is a difficult task for analysts due to huge amounts of noise-abundant monitoring data and increasing complexity of the reasoning tasks. Therefore, experience from experts can provide guidance for analysts' analytical reasoning and contribute to training. Despite its great potential benefits, experience has not been effectively leveraged in the existing reasoning support systems due to the difficulty of elicitation and reuse. To fill the gap, we propose an experience-aided reasoning support system which can automatically capture experts' experi-ence and subsequently guide the novices' reasoning in a step-by-step manner. Drawing on cognitive theory, we model experience as a reasoning process involving 'actions', 'observations', and 'hypotheses'. Computability and adaptability are the compar-ative advantages of this model: the 'hypotheses' capture analysts' internal mental reasoning as a black box, while the 'actions' and 'observations' formally representing the external context and analysts' evidence exploration activities. This paper demonstrates how this system, built on this experience model, can capture and utilize experience effectively.

Original languageEnglish (US)
Title of host publicationIEEE ISI 2013 - 2013 IEEE International Conference on Intelligence and Security Informatics
Subtitle of host publicationBig Data, Emergent Threats, and Decision-Making in Security Informatics
Pages263-265
Number of pages3
DOIs
StatePublished - Sep 9 2013
Event11th IEEE International Conference on Intelligence and Security Informatics, IEEE ISI 2013 - Seattle, WA, United States
Duration: Jun 4 2013Jun 7 2013

Publication series

NameIEEE ISI 2013 - 2013 IEEE International Conference on Intelligence and Security Informatics: Big Data, Emergent Threats, and Decision-Making in Security Informatics

Other

Other11th IEEE International Conference on Intelligence and Security Informatics, IEEE ISI 2013
CountryUnited States
CitySeattle, WA
Period6/4/136/7/13

All Science Journal Classification (ASJC) codes

  • Artificial Intelligence
  • Information Systems

Fingerprint Dive into the research topics of 'How to use experience in cyber analysis: An analytical reasoning support system'. Together they form a unique fingerprint.

Cite this