Understanding and Accounting for Human Behavior
biblio
Submitted by Heather Lucas on Tue, 03/31/2020 - 10:29am
group_project
Submitted by Heather Lucas on Wed, 01/29/2020 - 4:44pm
Although human users can greatly affect the security of systems intended to be resilient, we lack a detailed understanding of their motivations, decisions, and actions. The broad aim of this project is to provide a scientific basis and techniques for cybersecurity risk assessment. This is achieved through development of a general-purpose modeling and simulation approach for cybersecurity aspects of cyber-systems and of all human agents that interact with those systems. These agents include adversaries, defenders, and users.
group_project
Submitted by Claire Tomlin on Thu, 01/16/2020 - 11:37am
biblio
Submitted by Jamie Presken on Wed, 10/16/2019 - 10:54am
group_project
Submitted by David Nicol on Mon, 03/19/2018 - 9:02pm
We believe that diversity and redundancy can help us prevent an attacker from hiding all of his or her traces. Therefore, we will strategically deploy diverse security monitors and build a set of techniques to combine information originating at the monitors. We have shown that we can formulate monitor deployment as a constrained optimization problem wherein the objective function is the utility of monitors in detecting intrusions.
group_project
Submitted by scherlis on Sun, 03/18/2018 - 10:24pm
This project considers models for secure collaboration and contracts in a decentralized environment among parties that have not established trust. A significant example of this is blockchain programming, with platforms such as Ethereum and HyperLedger.
group_project
Submitted by scherlis on Sun, 03/18/2018 - 10:23pm
Effective response to security attacks often requires a combination of both automated and human-mediated actions. Currently we lack adequate methods to reason about such human-system coordination, including ways to determine when to allocate tasks to each party and how to gain assurance that automated mechanisms are appropriately aligned with organizational needs and policies.