Skip to main content

A Taxonomy of Cyber Awareness Questions for the User-Centered Design of Cyber Situation Awareness

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNISA,volume 8030)


This paper offers insights to how cyber security analysts establish and maintain situation awareness of a large computer network. Through a series of interviews, observations, and a card sorting activity, we examined the questions analysts asked themselves during a network event. We present the results of our work as a taxonomy of cyber awareness questions that represents a mental model of situation awareness in cyber security analysts.


  • Computer security
  • situation awareness
  • user-centered design

This article is a work of the U.S. Government, and per 17 U.S.C. §105, receives no copyright protection within the U.S. In those countries that afford the article copyright protection, the U.S. Government puts the article into the public domain.


  1. Botta, D., Werlinger, R., Gagné, A., Beznosov, K., Iverson, L., Fels, S., Fisher, B.: Towards Understanding IT Security Professionals and Their Tools. In: ACM Symposium on Usable Privacy and Security, pp. 100–111 (2007)

    Google Scholar 

  2. D’Amico, A., Whitley, K., Tesone, D., O’Brien, B., Roth, E.: Achieving Cyber Defense Situational Awareness: A Cognitive Task Analysis of Information Assurance Analysts. In: Human Factors and Ergonomics Society Annual Meeting, pp. 229–233 (2005)

    Google Scholar 

  3. D’Amico, A., Whitley, K.: The Real Work of Computer Network Defense Analysts. In: Symposium on Visualizations for Computer Security, pp. 19–37 (2007)

    Google Scholar 

  4. Endsley, M.R.: Toward a Theory of Situation Awareness in Dynamic Systems. Human Factors 37(1), 32–64 (1995)

    CrossRef  Google Scholar 

  5. Goodall, J.R., Lutters, W.G., Komlodi, A.: Developing expertise for network intrusion detection. Information Technology & People 22(2), 92–108 (2009)

    CrossRef  Google Scholar 

  6. Hudson, W.: Card Sorting. In: Soegaard, M., Dam, R. (eds.) The Encyclopedia of Human-Computer Interaction, 2nd edn. The Interaction Design Foundation, Aarhus (2013)

    Google Scholar 

  7. Thompson, R.S., Rantanen, E.M., Yurcik, W.: Network Intrusion Detection Cognitive Task Analysis: Textual and Visual Tool Usage and Recommendations. In: Human Factors and Ergonomics Society Annual Meeting, pp. 669–673 (2006)

    Google Scholar 

  8. Werlinger, R., Muldner, K., Kawkey, K., Beznosov, K.: Preparation, detection, and analysis: the diagnostic work of IT security incident response. Information Management & Computer Security 18(1), 26–42 (2010)

    CrossRef  Google Scholar 

Download references

Author information

Authors and Affiliations


Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Paul, C.L., Whitley, K. (2013). A Taxonomy of Cyber Awareness Questions for the User-Centered Design of Cyber Situation Awareness. In: Marinos, L., Askoxylakis, I. (eds) Human Aspects of Information Security, Privacy, and Trust. HAS 2013. Lecture Notes in Computer Science, vol 8030. Springer, Berlin, Heidelberg.

Download citation

  • DOI:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-39344-0

  • Online ISBN: 978-3-642-39345-7

  • eBook Packages: Computer ScienceComputer Science (R0)