Guarding Against Malicious Biased Threats (GAMBiT): Experimental Design of Cognitive Sensors and Triggers with Behavioral Impact Analysis

Brandon Beltz, Po-Yu Chen, James Doty, Yvonne Fonken, Nikolos Gurney, Hsiang-Wen Hsing, Sofia Hirschmann, Brett Israelsen, Nathan Lau, Mengyun Li, Stacy Marsella, Michael Murray, Jinwoo Oh, Amy Sliva, Kunal Srivastava, Stoney Trent, Peggy Wu, Ya-Ting Yang, Quanyan Zhu

TL;DR

The paper tackles the mismatch between traditional rational-actor assumptions and real-world attacker cognition by introducing GAMBiT, a framework that embeds cognitive triggers and sensors into cyber defenses. It combines CogVuln sensors, an LLM-based Attack Summarization Module, and a Theory-of-Mind Defender Agent (via PsychSim) to infer attacker biases and adapt defenses in real time. Three rounds of human-subject experiments in a simulated small-business network show that cognitive manipulations degrade attacker efficiency, divert attack paths, and increase detectability, yielding a rich dataset for understanding bias-driven behavior. This work presents a novel mind-as-battlefield paradigm and lays groundwork for proactive, psychologically informed cyber defenses with practical implications for adaptive deception and threat modeling.

Abstract

This paper introduces GAMBiT (Guarding Against Malicious Biased Threats), a cognitive-informed cyber defense framework that leverages deviations from human rationality as a new defensive surface. Conventional cyber defenses assume rational, utility-maximizing attackers, yet real-world adversaries exhibit cognitive constraints and biases that shape their interactions with complex digital systems. GAMBiT embeds insights from cognitive science into cyber environments through cognitive triggers, which activate biases such as loss aversion, base-rate neglect, and sunk-cost fallacy, and through newly developed cognitive sensors that infer attackers' cognitive states from behavioral and network data. Three rounds of human-subject experiments (total n=61) in a simulated small business network demonstrate that these manipulations significantly disrupt attacker performance, reducing mission progress, diverting actions off the true attack path, and increasing detectability. These results demonstrate that cognitive biases can be systematically triggered to degrade the attacker's efficiency and enhance the defender's advantage. GAMBiT establishes a new paradigm in which the attacker's mind becomes part of the battlefield and cognitive manipulation becomes a proactive vector for cyber defense.

Paper Structure

This paper contains 32 sections, 1 equation, 12 figures, 2 tables.

Figures (12)

  • Figure 1: Flow and structure of recruitment and data collection across the three experimental rounds (EXP1, EXP2 Control, and EXP2 Trigger). The diagram summarizes the end-to-end process from initial screening to debriefing. Participants completed a screening questionnaire, provided informed consent, and took a cybersecurity skill test that determined eligibility and division assignment. Those who passed filled out a demographic questionnaire before entering the two-day exercise. Each session comprised four hacking stages, two per day, with hourly self-reporting and continuous collection of system, network, and behavioral data. A final debriefing captured participant reflections and confirmed consistency across trigger and control conditions.
  • Figure 2: Network topology with shortest attack path in red. Purple stars represent locations of cognitive triggers. The topology, attack path, and trigger placements are not visible to the attacker. The enterprise network emulates a small business environment distributed across multiple subnets, including IT, Finance, Sales, Developers, and Dev-Servers. Each subnet contains realistic host configurations, user accounts, data repositories, and background traffic to simulate authentic enterprise operations. The red dotted line depicts the only fully connected and exploitable sequence of hosts forming the valid attack path from the external red team network to the deepest protected targets. Cognitive triggers, such as decoy credentials, fake administrative accounts, and aliased commands, were embedded along this path to elicit measurable cognitive biases during penetration. The overall design ensured that while the system appeared operationally coherent to participants, the deceptive artifacts were indistinguishable from legitimate network elements, thereby preserving ecological validity during human-subject testing.
  • Figure 3: Pipeline illustrating how the Attack Summarization Module (ASM) extracts and contextualizes attacker behaviors (MITRE ATT&CK TTPs) to inform the GAMBiT CogVuln sensor. SOC data from the small business network, comprising Suricata alerts, NetFlow, and host logs, are processed through the ASM, which integrates an ensemble of machine learning models, including rule-based mappings and a customized large language model. These outputs are filtered with SME-informed heuristics to associate each TTP with contextual factors such as task success, target host, and timing. The resulting structured signals are then passed to the CogVuln sensor, which estimates the likelihood that an attacker exhibits specific cognitive vulnerabilities. These estimates feed into a Theory-of-Mind (ToM) defender agent that models attacker decision-making and supports adaptive deception strategies. Blue elements denote components completed; dashed boxes indicate planned extensions under development.
  • Figure 4: Illustration of probability distributions for the five cognitive vulnerabilities (CogVulns) estimated by GAMBiT’s Theory-of-Mind (ToM) sensor. Each curve represents a distinct form of cognitive distortion that modifies how an attacker perceives value, evaluates evidence, or selects actions. Loss Aversion produces an asymmetric utility function where losses are overweighted relative to equivalent gains, biasing attackers toward low-risk, low-reward actions. Confirmation Bias manifests as a bimodal belief distribution reflecting selective weighting of evidence that supports prior assumptions while discounting contradictory signals. Sunk Cost Fallacy appears as a skewed reward distribution in which continued investment in high-cost, low-return actions is irrationally preferred due to prior effort. Base Rate Neglect flattens the belief distribution, indicating a failure to incorporate prior probabilities and an overemphasis on recent or salient outcomes. Availability Bias shapes an action probability distribution concentrated around recent or familiar cues, such as frequently observed filenames, accounts, or directories, while undervaluing remote or less salient options.
  • Figure 5: High-level trigger design process. The figure illustrates the end-to-end workflow for developing cognitive triggers used in the GAMBiT experiments. Subject-matter experts (SMEs) first operationalized cognitive vulnerabilities (CogVulns) within cybersecurity contexts, translating psychological constructs such as loss aversion or confirmation bias into observable decision points for attackers. Based on these mappings, the team designed static, technically plausible triggers—such as decoy credentials, fake administrative accounts, or aliased commands—to be deployed across the cyber range during human-subject experiments. Each trigger was embedded within realistic network environments to elicit specific bias-driven behaviors under naturalistic conditions. The triggers were then iteratively deployed and evaluated to measure behavioral effects and refine design parameters. While current work focused on static deployments, future work aims to develop adaptive triggers that can be dynamically selected and deployed by autonomous defender agents as part of real-time cognitive defense strategies.
  • ...and 7 more figures