Reduce Privacy Risks

Modern systems such as the electric smart grid consist of both cyber and physical components that must work together; these are called cyber-physical systems, or CPS. Securing such systems goes beyond just cyber security or physical security into cyber-physical security. While the threats multiply within a CPS, physical aspects also can reduce the threat space. Unlike purely cyber systems, such as the internet, CPS are grounded in physical reality.

By collecting sensor data from individuals in a user community, e.g., using their smartphones, it is possible to learn the behavior of communities, for example locations, activities, and events. Similarly, using data from personal health monitoring sensors, it is possible to learn about the health risks and responses to treatments for population groups. But is it possible to use the valuable information for the greater good without disclosing information about the individuals contributing the data? What about protecting this information from improper access?

Natural language privacy policies have become a de facto standard to address expectations of notice and choice on the Web. Yet, there is ample evidence that users generally do not read these policies and that those who occasionally do struggle to understand what they read. Initiatives aimed at addressing this problem through the development of machine implementable standards or other solutions that require website operators to adhere to more stringent requirements have run into obstacles, with many website operators showing reluctance to commit to anything more than what they currently do.

Data structures have a prominent modern computational role, due to their wide applicability, such as in database querying, web searching, and social network analysis. This project focuses on the interplay of data structures with security protocols, examining two different paradigms: the security for data structures paradigm (SD) and the data structures for security paradigm (DS).

This project examines three properties of underground cybercrime communities: 1) profitability, 2) connectivity, 3) and sustainability. It identifies qualitative and quantitative metrics for these properties as well as discusses the relative effectiveness of distinct operationalization of these metrics under different levels of data granularity. The goal is to develop metrics that provide meaning indicators even when data is limited. for example, if public posts are available but not private messages between individual cybercriminals.