Security Metrics Driven Evaluation, Design, Development, and Deployment

group_project

Visible to the public Science of Human Circumvention of Security

Well-intentioned human users continually circumvent security controls. The pandemic/ubiquitous fact of this circumvention undermines the effectiveness of security designs that implicitly assume circumvention never happens. We seek to develop metrics to enable security engineers and other stakeholders to make meaningful, quantifiable comparisons, decisions, and evaluations of proposed security controls in light of what really happens when these controls are deployed.

group_project

Visible to the public A Hypothesis Testing Framework for Network Security

This project develops a scientific approach to testing hypotheses about network security when those tests must consider layers of complex interacting policies within the network stack. The work is motivated by observation that the infrastructure of large networks is hideously complex, and so is vulnerable to various attacks on services and data. Coping with these vulnerabilities consumes significant human management time, just trying to understand the network's behavior.

group_project

Visible to the public Data Driven Security Models and Analysis

In security more than in other computing disciplines, professionals depend heavily on rapid analysis of voluminous streams of data gathered by a combination of network-, file-, and system-level monitors. The data are used both to maintain a constant vigil against attacks and compromises on a target system and to improve the monitoring itself.

group_project

Visible to the public Data-Driven Model-Based Decision-Making

The goal of this project is to develop quantitative, scientifically grounded, decision-making methodologies to guide information security investments in private or public organizations, combining human and technological concerns, to demonstrate their use in two or more real-life case studies, prototype tools and demonstrate their proof of concept on those case studies.

group_project

Visible to the public Static-Dynamic Analysis of Security Metrics for Cyber-Physical Systems

Cyber-Physical Systems (CPS) are vulnerable to elusive dynamics-aware attacks that subtly change local behaviors in ways that lead to large deviations in global behavior, and to system instability. The broad agenda for this project is to classify attacks on different classes of CPS based on detectability. In particular, we are identifying attacks that are impossible to detect in a given class of CPS (with reasonable resources), and we are developing detection algorithms for those that are possible.