Upload File

cognitive bias and security vulnerabilities the psychology of software engineering neil dixley

  • Home
  • Documents
  • Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY
14
Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY

Upload: job-gregory

Post on 24-Dec-2015

213 views

Category:

Documents


0 download

Report

Tags:

TRANSCRIPT

Page 1: Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY

Cognitive Bias and Security VulnerabilitiesTHE PSYCHOLOGY OF SOFTWARE ENGINEERING

NEIL DIXLEY

Page 2: Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY

Cognitive

Page 3: Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY

Security failures are cognitive failures

Page 4: Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY

Two systems one brain

AutomaticIntuitiveInstinctivePrimaryRapidBlind

ConsideredEffortfulFocusedSecondarySlowerLazy

Page 5: Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY

Cognitive Bias

Page 6: Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY

Anchoring

Page 7: Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY

Loss Aversion

Page 8: Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY

Principle of Authority

Page 9: Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY

Mitigating cognitive failures

Page 10: Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY

Threat Modelling

Page 11: Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY

Check Lists

Page 12: Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY

Security First

Page 13: Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY

Further information

BBC Horizon – How we really make decisions

Wikipedia – List of Cognitive Biases

Cognitive Dissonance – the book

Cognitive Dissonance – the podcast

Page 14: Cognitive Bias and Security Vulnerabilities THE PSYCHOLOGY OF SOFTWARE ENGINEERING NEIL DIXLEY

Thank you

Twitter : @neildixley

www.neildixley.com

Perfect Image

http://www.neildixley.com/

Detection & prevention of vulnerabilities in web applications · 2020. 3. 20. · vulnerabilities. 1.1 Common Web Application Vulnerabilities The risk of web application vulnerabilities

Relative versus cancer-specific survival: assumptions and potential bias Diana Sarfati 1, Matt Soeberg 1, Kristie Carter 1, Neil Pearce 2, Tony Blakely

Common Vulnerabilities

Finding Network Vulnerabilities. 2 Objectives Define vulnerabilities Name the common categories of vulnerabilities Discuss common system and network vulnerabilities

Server vulnerabilities

O cer bias in stop and search is exacerbated by deployment ... · O cer bias in stop and search is exacerbated by deployment decisions Lara Vomfell1,* and Neil Stewart1 1Warwick Business

Vulnerabilities - CordAid

Mobile Ion Effects on SiC MOS Bias- Temperature ...neil/SiC_Workshop... · Mobile Ion Effects on SiC MOS Bias-Temperature Instability Measurements 14-15 Aug 2014 1 . UNCLASSIFIED

DNS Vulnerabilities

Source port vulnerabilities in .JP - static ... - DNS-OARC · Vulnerabilities suspected Heavy user exists. Vulnerabilities suspected Heavy user exists. Vulnerabilities suspected 25

A Short Introduction to Epidemiology - Vula · PDF fileA Short Introduction to Epidemiology Second Edition Neil Pearce Occasional Report Series No 2 ... namely selection bias, information

802.16 Vulnerabilities

SECURITY TRENDS & VULNERABILITIES REVIEW WEB APPLICATIONS … · SECURITY TRENDS & VULNERABILITIES REVIEW WEB APPLICATIONS ff2017fl Contents ... SECURITY TRENDS & VULNERABILITIES

Linux Vulnerabilities

Neil Cameron - University of Cape · PDF fileNeil Cameron Community Health ... Expanded programme on Immunization (EPI) ... information bias, sample size < = program needs, Strict

XSS Vulnerabilities

Etienne Vincent Neil Carson NORAD Operational Research Team April 2012 A Decision Timeline Approach to Assessing Air and Maritime Vulnerabilities

Violence & Vulnerabilities

SQL Vulnerabilities

Vulnerabilities 101

Integrated Modeling of High-Temperature Gate-Bias …neil/SiC_Workshop/Presentations_2015/pdf only...Integrated Modeling of High-Temperature Gate-Bias (HTGB) Reliability Degradation

Volunteer bias Lead time bias Length bias Stage migration bias Pseudodisease

network vulnerabilities

Migrant Vulnerabilities

‘It’s Mine!’ Children’s memory bias for self-owned items Sheila Cunningham David Turk Neil Macrae Project funded by the European Research Council UNIVERSITY

Android Vulnerabilities

Security Vulnerabilities

1 Internet Browsing Vulnerabilities and Security ECE4112 Final Lab Ye Yan Frank Park Scott Kim Neil Joshi

Reducing Vulnerabilities

TCP Vulnerabilities

Officiating bias Football/Rugby League Presented by: Anthony Siokos (5835) Peter Cassar (5894) Neil Dunkley (5888) PD212: Problem Based Learning 2 Theme

Internet banking safeguards vulnerabilities - 2016.appsec.eu · • Vulnerabilities and best practices – transaction authorization vulnerabilities, trusted recipients feature abuses,

06 Vulnerabilities

OVERCOMING VULNERABILITIES, ACHIEVING SUSTAINABILITY - … · 2019. 11. 14. · 7 Overcoming Vulnerabilities, Achieving Sustainability Socioeconomic Vulnerabilities of Former Yugoslav

CJHare Self Bias, Time Bias