Publication | Closed Access
idsNETS: An experimental platform to study situation awareness for intrusion detection analysts
Citations: 21
References: 13
Year: 2012
Venue: Unknown
Engineering, Information Security, Information Forensics, Software Engineering, Situation Awareness, Intelligent Systems, Hardware Security, Attack Simulation, Data Science, Data Mining, Systems Engineering, Intrusion Detection System, Threat Detection, Intrusion Tolerance, Computer Engineering, New System, Computer Science, Experimental Platform, Intrusion Detection, Threat Hunting, Cyber Security, Cyber Threat Intelligence, Cybersecurity System, Intrusion Detection Analysts
In this paper, we present a new human-in-the-loop simulation designed to help better understand the role of the human in a cyber-analysis task. Based on qualitative research, previous literature within cyber security, and our experience creating simulations, we built a new system, idsNETS, which is capable of simulating both the environment and data that is present in a cyber-security intrusion detection task. This simulation, which is the first built upon the NeoCITIES Experimental Task Simulator (NETS), was implemented to mimic the task of an intrusion detection analyst. From this work, we present an overview of the scaled-world definitions, the NETS Simulation Engine, and the Simulation User Interface, as well as discuss how this simulation can be leveraged to measure situation awareness in cyber security. Finally, we discuss the future research that the idsNETS system will enable us to conduct.