The Cry Wolf IDS Simulator
Cry Wolf provides an environment for conducting controlled experiments of cyber security analysis tasks. Cry Wolf supports studying the impact of IDS false alarm rate on human analyst’s ability to correctly classify simulated alerts.
More about Cry Wolf and it’s uses:
- Cry Wolf: Toward an Experimentation Platform and Dataset for Human Factors in Cyber Security Analysis - William Roden and Lucas Layman. In 2020 ACM Southeast Conference (ACMSE 2020), April 2–4, 2020, Tampa, FL,USA.ACM, New York, NY, USA, 4 pages. https://doi.org/10.1145/3374135.3385301
- The Cry Wolf Dataset - a dataset of simulated IDS alerts
Please contact Lucas Layman (email@example.com) If you are interested in using Cry Wolf.
The main alert table. Event numbers are links to alert details.
Alert Evalation Form
The alert details screen and evaluation form. Participants select their decision and a confidence rating. A confidence rating is not required for “I don’t know” answers.
The Security Playbook shown to participants during training and available during the main alert evaluation task.
An example training event.