“Think Like an Attacker”: Towards a Definition and Non-Technical Assessment of Adversarial Thinking

Peter A. H. Peterson
Department of Computer Science
University of Minnesota Duluth

12:00pm (noon) – 1pm
Friday, December 2, 2022
Remotely via WebEx: https://umbc.webex.com/meet/sherman

Recording of Talk


“Adversarial thinking” (AT), sometimes called the “security mindset” or described as the ability to “think like an attacker,” is widely accepted in the computer security community as an essential ability for successful cybersecurity practice. Supported by intuition and anecdotes, many in the community stress the importance of AT, and multiple projects have produced interventions explicitly intended to strengthen individual AT skills to improve security in general. However, there is no agreed-upon definition of “adversarial thinking” or its components, and accordingly, no test for it. Because of this absence, it is impossible to meaningfully quantify AT in subjects, AT’s importance for cybersecurity practitioners, or the effectiveness of interventions designed to improve AT. Working towards the goal of a characterization of AT in cybersecurity and a non-technical test for AT that anyone can take, I will discuss existing conceptions of AT from the security community, as well as ideas about AT in other fields with adversarial aspects including war, politics, law, critical thinking, and games. I will also describe some of the unique difficulties of creating a non-technical test for AT, compare and contrast this effort to our work on the CATS and Security Misconceptions projects, and describe some potential solutions. I will explore potential uses for such an instrument, including measuring a student’s change in AT over time, measuring the effectiveness of interventions meant to improve AT, comparing AT in different populations (e.g., security professionals vs. software engineers), and identifying individuals from all walks of life with strong AT skills—people who might help meet our world’s pressing need for skilled and insightful security professionals and researchers. Along the way, I will give some sample non-technical adversarial thinking challenges and describe how they might be graded and validated.

About the Speaker:

Peter A. H. Peterson is an associate professor of computer science at the University of Minnesota Duluth, where he teaches and directs the Laboratory for Advanced Research in Systems (LARS), a group dedicated to research in operating systems and security, with a special focus on research and development to make security education more effective and accessible. He is an active member of the Cybersecurity Assessment Tools (CATS) project, which created and validated two concept inventories for cybersecurity (the CCI and CCA) and is working on an NSF-funded grant to evaluate educational interventions at US military academies using the CCI. He is also working on an NSF CAREER award to articulate the most critical components of Adversarial Thinking, and to create, validate, and use a non-technical assessment for AT that anyone can take. He is also finishing an NSF project to create a misconcept inventory—a test about common misconceptions in cybersecurity. He earned his PhD from the University of California, Los Angeles for work on “adaptive compression”—systems that make compression decisions dynamically to improve efficiency. He can be reached at pahp@d.umn.edu.


Alan T. Sherman, sherman@umbc.edu

Upcoming CDL Meetings:

Dec 20, 10:30 am-12:30 pm, 3 In-Person presentations from the UMBC fall 2022 cybersecurity research class, location TBA
January 2-6, 2023 (tentative): SFS/CySP Research Study


Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681.

The UMBC Cyber Defense Lab meets biweekly Fridays 12-1 pm. All meetings are open to the public.