Defense Event

Quantifying Security: Methods, Challenges and Applications

Armin Sarabi

Thursday, December 07, 2017
10:00am - 12:00pm
3316 EECS

Add to Google Calendar

About the Event

Abstract: Data and cyber security, whether defined from the point of view of corporations, individuals, or Internet hosts/networks, have been studied from various perspectives, ranging from theoretical models, to measurement studies, and data-driven approaches that assess security by combining statistical analysis and with real-world data. In this dissertation, we explore the applicability of machine learning, and statistical modeling, in building algorithms that can make generalized statements regarding the security of real-world entities: (1) We assess the security of organizations, quantified as the likelihood of sustaining data incidents, by combining previous breach disclosures, with geographic, industry, size, and Internet traffic information, and evaluate techniques for estimating the distribution of risk among various incident categorizations, in order to guide resource allocation, and improve security policies; (2) we leverage field measurements of patch deployment on user machines, to quantify updating behaviors, inspect the dynamics between software vendors and consumers, and its impact on the security posture of user machines; and (3) we develop a framework for scalable analysis of Internet hosts, by distilling information obtained from global scans of the public Internet, into compact numerical fingerprints, and examine their utility for detecting malicious hosts, inferring unobserved attributes of servers, quantifying similarities, and characterizing networks.

Additional Information

Sponsor(s): Professor Mingyan Liu

Faculty Sponsor: Professor Mingyan Liu

Open to: Public