CAVA: Cognitive Aid for Vulnerability Analysis
Files
Date
2024-01-03
Contributor
Advisor
Department
Instructor
Depositor
Speaker
Researcher
Consultant
Interviewer
Narrator
Transcriber
Annotator
Journal Title
Journal ISSN
Volume Title
Publisher
Volume
Number/Issue
Starting Page
7377
Ending Page
Alternative Title
Abstract
Becoming a reverse engineer (RE) requires rigorous training and understanding of program structure and functionality, and experts develop heuristic strategies and intuitions from real-world experiences. This paper attempts to capture REs’ strategies and intuitions within a predictive cognitive model and demonstrate the feasibility of assisting novice REs using an intelligent recommender called CAVA (Cognitive Aid for Vulnerability Analysis). CAVA leverages physiological sensors to assess a novice’s cognitive states and provides real-time visual hints when the novice’s attention and engagement diminish. We instrumented Ghidra and conducted pilot experiments with REs. Open-loop experiments with 9 REs confirmed the feasibility of identifying novices from experts using physiological signals, and a pilot closed-loop experiment tested the feasibility of providing visual recommendations to a novice. Despite challenges in recruiting REs, our progress suggests that CAVA is a promising approach to improve novice performance and our understanding of experts’ behavior when performing complex real-world reverse engineering tasks.
Description
Keywords
Cyber Operations, Defense, and Forensics, closed-loop visual aid, cognitive model, software reverse engineering
Citation
Extent
10 pages
Format
Geographic Location
Time Period
Related To
Proceedings of the 57th Hawaii International Conference on System Sciences
Related To (URI)
Table of Contents
Rights
Attribution-NonCommercial-NoDerivatives 4.0 International
Rights Holder
Local Contexts
Collections
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.