Vulnerabilities / Threats

7/1/2013
10:33 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Teaching A Computer To Play ‘Concentration’ Advances Security, Understanding Of The Human Mind

Findings will help researchers distinguish between human players and automated “bots”

Computer science researchers have programmed a computer to play the game Concentration (also known as Memory). The work could help improve computer security – and improve our understanding of how the human mind works.

The researchers developed a program to get the software system called ACT-R, a computer simulation that attempts to replicate human thought processes, to play Concentration. In the game, multiple matching pairs of cards are placed face down in a random order, and players are asked to flip over two cards, one at a time, to find the matching pairs. If a player flips over two cards that do not match, the cards are placed back face down. The player succeeds by remembering where the matching cards are located.

The researchers were able to either rush ACT-R’s decision-making, which led it to play more quickly but make more mistakes, or allow ACT-R to take its time, which led to longer games with fewer mistakes.

As part of the study, 179 human participants played Concentration 20 times each – 10 times for accuracy and 10 times for speed – to give the researchers a point of comparison for their ACT-R model.

The findings will help the researchers distinguish between human players and automated “bots,” ultimately helping them develop models to identify bots in a variety of applications. These bots pose security problems for online games, online voting and other Web applications.

“One way to approach the distinction between bot behavior and human behavior is to look at how bots behave,” says Dr. Robert St. Amant, an associate professor of computer science at NC State and co-author of a paper describing the work. “Another way is to look at what humans do. We’re focusing on the latter.”

“We’re looking for distinctions so subtle that they’d be very difficult to replicate outside of a cognitive architecture like ACT-R,” says Dr. David Roberts, an assistant professor of computer science at NC State and co-author of the paper. “The level of sophistication needed to replicate those distinctions in a bot would be so expensive, in terms of time and money, that it would – hopefully – be cost-prohibitive.”

The researchers were also able to modify the parameters of their Concentration model to determine which set of variables resulted in gameplay that most closely matched the gameplay of the human study participants.

This offers a plausible explanation of the cognitive processes taking place in the human mind when playing Concentration. For example, the Concentration model sometimes has a choice to make: remember a previous matching card and select it, or explore the board by selecting a new card. When playing for speed, the model takes the latter choice because it’s faster than retrieving the information from memory. This may also be what’s happening in the human brain when we play Concentration.

“This is information that moves us incrementally closer to understanding how cognitive function relates to the way we interact with computers,” Roberts says. “Ultimately, this sort of information could one day be used to develop tools to help software designers identify how their design decisions affect the end users of their products. For example, do some design features confuse users? Which ones, and at what point? That would be useful information.”

The paper, “Modeling the Concentration Game with ACT-R,” will be presented at the International Conference on Cognitive Modeling, being held July 11-14 in Ottawa. Lead author of the paper is Titus Barik, a Ph.D. student at NC State. Co-authors include St. Amant, Roberts, and NC State Ph.D. students Arpan Chakraborty and Brent Harrison. The research was supported by the National Security Agency.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Mozilla, Internet Society and Others Pressure Retailers to Demand Secure IoT Products
Curtis Franklin Jr., Senior Editor at Dark Reading,  2/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5780
PUBLISHED: 2019-02-19
Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events.
CVE-2019-5781
PUBLISHED: 2019-02-19
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
CVE-2019-5782
PUBLISHED: 2019-02-19
Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2019-5783
PUBLISHED: 2019-02-19
Missing URI encoding of untrusted input in DevTools in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform a Dangling Markup Injection attack via a crafted HTML page.
CVE-2019-5766
PUBLISHED: 2019-02-19
Incorrect handling of origin taint checking in Canvas in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page.