The ReSCIND Program focuses on inducing or intensifying cognitive biases or other cognitive limitations to thwart cyber attackers through both novel network and host-based technologies. Rather than just attempting to detect and stop suspicious movement on the network, Offerors will propose innovative solutions to increase the effort and resources spent by cyber attackers by impacting their decision-making.
The ReSCIND Program seeks novel methods that:
- Identify, and provide evidence of, Cognitive Vulnerabilities (CogVulns) relevant to cyber attackers;
- Understand, measure, and induce changes in cyber attack behavior and success;
- Develop Cyberpsychology-informed Defenses (CyphiDs) impacting both early and late stage attacks;
- Create Cyber-specific Computational Cognitive Model(s) (C3M)2 that reflect and predict attacker behavior; and
- Produce Adaptative Psychology-informed Defenses (APhiDs) which automate the preferred sequence of CyphiDs based on observed attacker behavior.
Technical Challenges and Objectives include:
- Identify and provide evidence of CogVulns relevant to cyber attack behavior.
- Understand, measure, and induce changes in cyber attack behavior and success.
- Develop a collection of cyberpsychology-informed defenses (CyphiDs), each including a set of bias sensors and bias triggers focused on a cyber behavioral impact, for both early and late stages of a cyber attack.
- Create cyber-specific computational cognitive models (C3M) that reflect and predict attacker behavior changes in reaction to CyphiD interventions.
- Produce an adaptive psychology-informed defenses (APhiD) which includes logic to automate the selection of multiple CyphiDs over time, based on observed attacker behavior.
The program is expected to comprise 3 phases, running over a total of 45 months.
Collaborative efforts and teaming arrangements among Offerors are strongly encouraged. It is anticipated that teams will be multidisciplinary and may include expertise in one or more of the following disciplines:
- Behavioral science and cognitive psychology
- Defensive cyber operations
- Cognitive modeling
- Cyber attack modeling
- Penetration testing/red teaming and adversary emulation
- Artificial intelligence and adaptive systems
- Statistical data analysis and mathematical modeling
- Software development and engineering
- Cognitive and neurosciences
- Human factors engineering
- Human computer interaction
- Computer security and network security
Proposals due 26 May 2023.