This paper introduces GAMBiT (Guarding Against Malicious Biased Threats), a cognitive-informed cyber defense framework that leverages deviations from human rationality as a new defensive surface. Conventional cyber defenses assume rational, utility-maximizing attackers, yet real-world adversaries exhibit cognitive constraints and biases that shape their interactions with complex digital systems. GAMBiT embeds insights from cognitive science into cyber environments through cognitive triggers, which activate biases such as loss aversion, base-rate neglect, and sunk-cost fallacy, and through newly developed cognitive sensors that infer attackers' cognitive states from behavioral and network data. Three rounds of human-subject experiments (total n=61) in a simulated small business network demonstrate that these manipulations significantly disrupt attacker performance, reducing mission progress, diverting actions off the true attack path, and increasing detectability. These results demonstrate that cognitive biases can be systematically triggered to degrade the attacker's efficiency and enhance the defender's advantage. GAMBiT establishes a new paradigm in which the attacker's mind becomes part of the battlefield and cognitive manipulation becomes a proactive vector for cyber defense.

翻译：本文介绍了GAMBiT（防范恶意偏见威胁），一种基于认知科学的网络防御框架，其利用人类理性偏差构建了新的防御界面。传统网络防御假设攻击者是理性且追求效用最大化的，然而现实中的对手表现出认知局限与偏见，这些因素塑造了其与复杂数字系统的交互方式。GAMBiT通过认知触发器（可激活损失厌恶、基础比率忽视、沉没成本谬误等偏见）以及新开发的认知传感器（从行为与网络数据推断攻击者认知状态），将认知科学洞见嵌入网络环境。在模拟小型企业网络中进行的三轮人类受试实验（总样本量n=61）表明，这些干预手段能显著干扰攻击者表现：降低任务进度、使其偏离真实攻击路径，并提升可检测性。这些结果证明，可通过系统性触发认知偏见来削弱攻击者效率并增强防御方优势。GAMBiT确立了一种新范式，使攻击者的思维成为战场的一部分，而认知操控则成为网络防御的主动向量。