Guarding Against Malicious Biased Threats (GAMBiT) Experiments: Revealing Cognitive Bias in Human-Subjects Red-Team Cyber Range Operations
By: Brandon Beltz , Jim Doty , Yvonne Fonken and more
Potential Business Impact:
Helps computers spot sneaky hackers by watching them.
We present three large-scale human-subjects red-team cyber range datasets from the Guarding Against Malicious Biased Threats (GAMBiT) project. Across Experiments 1-3 (July 2024-March 2025), 19-20 skilled attackers per experiment conducted two 8-hour days of self-paced operations in a simulated enterprise network (SimSpace Cyber Force Platform) while we captured multi-modal data: self-reports (background, demographics, psychometrics), operational notes, terminal histories, keylogs, network packet captures (PCAP), and NIDS alerts (Suricata). Each participant began from a standardized Kali Linux VM and pursued realistic objectives (e.g., target discovery and data exfiltration) under controlled constraints. Derivative curated logs and labels are included. The combined release supports research on attacker behavior modeling, bias-aware analytics, and method benchmarking. Data are available via IEEE Dataport entries for Experiments 1-3.
Similar Papers
Guarding Against Malicious Biased Threats (GAMBiT): Experimental Design of Cognitive Sensors and Triggers with Behavioral Impact Analysis
Cryptography and Security
Tricks hackers' minds to stop cyberattacks.
Evidence of Cognitive Biases in Capture-the-Flag Cybersecurity Competitions
Cryptography and Security
Helps computers learn how hackers think.
A Case Study on the Use of Representativeness Bias as a Defense Against Adversarial Cyber Threats
Cryptography and Security
Tricks hackers' minds to stop cyberattacks.