personalized cybersecurity for dummies jaime g. carbonell eugene fink mehrbod sharifi application of...
Post on 21-Dec-2015
217 views
TRANSCRIPT
![Page 1: Personalized Cybersecurity for Dummies Jaime G. Carbonell Eugene Fink Mehrbod Sharifi Application of machine learning and crowdsourcing to adapt cybersecurity](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649d575503460f94a367a4/html5/thumbnails/1.jpg)
Personalized Cybersecurity
for DummiesJaime G.Carbonell
EugeneFink
MehrbodSharifi
Application of machine learning and crowdsourcing to adapt cybersecurity tools to the needs of (naïve) individual users.
![Page 2: Personalized Cybersecurity for Dummies Jaime G. Carbonell Eugene Fink Mehrbod Sharifi Application of machine learning and crowdsourcing to adapt cybersecurity](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649d575503460f94a367a4/html5/thumbnails/2.jpg)
Individual user differences• Security needs
- Data confidentiality- Data-loss tolerance- Recovery costs
• Usage patterns• Computer knowledge
Different users need different security tools.
![Page 3: Personalized Cybersecurity for Dummies Jaime G. Carbonell Eugene Fink Mehrbod Sharifi Application of machine learning and crowdsourcing to adapt cybersecurity](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649d575503460f94a367a4/html5/thumbnails/3.jpg)
Problems
• “Advanced user” assumption- Complicated customization- Unclear security warnings
• Inflexible engineered solutionswith “too much security”- Too high security at high costs- Insufficient customization
![Page 4: Personalized Cybersecurity for Dummies Jaime G. Carbonell Eugene Fink Mehrbod Sharifi Application of machine learning and crowdsourcing to adapt cybersecurity](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649d575503460f94a367a4/html5/thumbnails/4.jpg)
Examples
Typical response of naïve users:• Always no (too much security)• Always yes (not enough security)• Ask a techie if available
![Page 5: Personalized Cybersecurity for Dummies Jaime G. Carbonell Eugene Fink Mehrbod Sharifi Application of machine learning and crowdsourcing to adapt cybersecurity](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649d575503460f94a367a4/html5/thumbnails/5.jpg)
Population statisticsComputer use byage and gender
User naïveté correctanswers
![Page 6: Personalized Cybersecurity for Dummies Jaime G. Carbonell Eugene Fink Mehrbod Sharifi Application of machine learning and crowdsourcing to adapt cybersecurity](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649d575503460f94a367a4/html5/thumbnails/6.jpg)
Population statistics• Almost everyone uses a computer• Most users are naïve, with very
limited technical knowledge• Many security problems are
due to the user naïveté
When an average user deals with security issues, she needs basic advice and handholding.
![Page 7: Personalized Cybersecurity for Dummies Jaime G. Carbonell Eugene Fink Mehrbod Sharifi Application of machine learning and crowdsourcing to adapt cybersecurity](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649d575503460f94a367a4/html5/thumbnails/7.jpg)
Long-term goal
We need an automated security
assistant that learns the needs
of the individual user and helps
the user to apply security tools.
![Page 8: Personalized Cybersecurity for Dummies Jaime G. Carbonell Eugene Fink Mehrbod Sharifi Application of machine learning and crowdsourcing to adapt cybersecurity](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649d575503460f94a367a4/html5/thumbnails/8.jpg)
Initial results
A security assistant for
web browsing, integrated
with Internet Explorer.
![Page 9: Personalized Cybersecurity for Dummies Jaime G. Carbonell Eugene Fink Mehrbod Sharifi Application of machine learning and crowdsourcing to adapt cybersecurity](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649d575503460f94a367a4/html5/thumbnails/9.jpg)
• Scams (welcome to Nigeria)• Rip-offs (overpricing, low quality)• Bad info (inaccurate, biased)• ... and so on
Automated tools cannot detect “advanced” threats that go beyond software attacks.
More problems
![Page 10: Personalized Cybersecurity for Dummies Jaime G. Carbonell Eugene Fink Mehrbod Sharifi Application of machine learning and crowdsourcing to adapt cybersecurity](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649d575503460f94a367a4/html5/thumbnails/10.jpg)
Long-term goal
Rely on the collective wisdom of the users.
Gather Filter Integrate
![Page 11: Personalized Cybersecurity for Dummies Jaime G. Carbonell Eugene Fink Mehrbod Sharifi Application of machine learning and crowdsourcing to adapt cybersecurity](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649d575503460f94a367a4/html5/thumbnails/11.jpg)
Initial results
A browser plug-in for the
gathering of opinions and
warnings about web pages.
![Page 12: Personalized Cybersecurity for Dummies Jaime G. Carbonell Eugene Fink Mehrbod Sharifi Application of machine learning and crowdsourcing to adapt cybersecurity](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649d575503460f94a367a4/html5/thumbnails/12.jpg)
Future research
• Summarization of comments
• Analysis of sentiments and biases
• Identification of reliable contributors
• Synergy with other techniques for analysis of web pages
• … and so on