EAGER

This project will develop novel ways to teach cybersecurity topics. It is challenging for computer science (CS) programs with limited faculty resources to cover the breadth and depth of the discipline. The challenge increases as CS curriculum guidelines places more emphasis on emerging areas such as cybersecurity.

Transparency Bridges undertakes a cross-cultural investigation of the differences in privacy attitudes between the US and the EU, as a means of exploring the design requirements for user control mechanisms. We (1) investigate the currently available mechanisms in smartphone ecosystems to inform people of collection and use of their personal data, (2) examine how these mechanisms comply with US and EU data privacy legal frameworks, and (3) analyze how different mechanisms respond to requirements in both jurisdictions.

Household Internet-of-Things (IoT) devices are intended to collect information in the home and to communicate with each other, to create powerful new applications that support our day-to-day activities. Existing research suggests that users have a difficult time selecting their privacy settings on such devices. The goal of this project is to investigate how, why and when privacy decisions of household IoT users are suboptimal, and to use the insights from this research to create and test a simple single user interface that integrates privacy settings across all devices within a household.

In 2016, the cyberthreat landscape showcased advanced attack techniques, escalated attack frequency, and high levels of adversarial sophistication. Conventional cyberattack management is response-driven, with organizations focusing their efforts on detecting threats, rather than anticipating adversarial actions. This reactive approach has limited efficacy, as it does not capture advanced and sophisticated adversaries, mutating or unknown malware, living-off-the-land techniques or new variants being deployed. There is thus an immediate need for a paradigm shift in the area of cybersecurity.

User behavior is a critical element in the success or failure of computer security protections. The field of Human Security Informatics (HSI) combines security informatics and human-computer interaction design to learn how the design of a human-computer interface can affect the security of a computer system. This research project is contributing to the scientific foundations of HSI by modeling how multitasking users behave when making security-critical decisions.