TY - CHAP
T1 - RADAMS
T2 - Defending Against Proactive Attention Attacks
AU - Huang, Linan
AU - Zhu, Quanyan
N1 - Publisher Copyright:
© 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
PY - 2023
Y1 - 2023
N2 - Following the definition in Sect. 1.2.3.2, in this chapter, we identify and formally define a new type of proactive attention attacks called Informational Denial-of-Service (IDoS) attacks that generate a large volume of feint attacks to overload human operators and hide real attacks among feints. We incorporate human factors (e.g., levels of expertise, stress, and efficiency) and empirical psychological results (e.g., the Yerkes–Dodson law and the sunk cost fallacy) to model the operators’ attention dynamics and their decision-making processes along with the real-time alert monitoring and inspection. To assist human operators in dismissing the feints and escalating the real attacks timely and accurately, we develop a Resilient and Adaptive Data-driven alert and Attention Management Strategy (RADAMS) that de-emphasizes alerts selectively based on the abstracted category labels of the alerts. RADAMS uses Reinforcement Learning (RL) to achieve a customized and transferable design for various human operators and evolving IDoS attacks. The integrated modeling and theoretical analysis lead to the Product Principle of Attention (PPoA), fundamental limits, and the tradeoff among crucial human and economic factors.
AB - Following the definition in Sect. 1.2.3.2, in this chapter, we identify and formally define a new type of proactive attention attacks called Informational Denial-of-Service (IDoS) attacks that generate a large volume of feint attacks to overload human operators and hide real attacks among feints. We incorporate human factors (e.g., levels of expertise, stress, and efficiency) and empirical psychological results (e.g., the Yerkes–Dodson law and the sunk cost fallacy) to model the operators’ attention dynamics and their decision-making processes along with the real-time alert monitoring and inspection. To assist human operators in dismissing the feints and escalating the real attacks timely and accurately, we develop a Resilient and Adaptive Data-driven alert and Attention Management Strategy (RADAMS) that de-emphasizes alerts selectively based on the abstracted category labels of the alerts. RADAMS uses Reinforcement Learning (RL) to achieve a customized and transferable design for various human operators and evolving IDoS attacks. The integrated modeling and theoretical analysis lead to the Product Principle of Attention (PPoA), fundamental limits, and the tradeoff among crucial human and economic factors.
KW - Alert fatigue
KW - Cognitive load
KW - Feint attacks
KW - Proactive attention vulnerability
KW - Reinforcement learning
KW - Risk analysis
UR - http://www.scopus.com/inward/record.url?scp=85161895848&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85161895848&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-30709-6_6
DO - 10.1007/978-3-031-30709-6_6
M3 - Chapter
AN - SCOPUS:85161895848
T3 - SpringerBriefs in Computer Science
SP - 85
EP - 99
BT - SpringerBriefs in Computer Science
PB - Springer
ER -