IC Colloquium : Network security economics: Understanding incentives to improve online security
Event details
| Date | 07.03.2013 |
| Hour | 16:15 › 17:30 |
| Speaker |
Nicolas Christin, Carnegie Mellon University IC faculty candidate |
| Location | |
| Category | Conferences - Seminars |
Abstract
With the rise of financially-motivated computer abuse, understanding economic incentives of both attackers and targets has become critical to strengthening online security. In this talk, I will advocate the need for a broad research agenda, ranging from network measurements and analysis to game-theoretic modeling.
I will first show how empirical network measurements help better design intervention mechanisms against attackers. Using the online sale of unlicensed pharmaceutical drugs as a case study, I will describe how longitudinal, large-scale measurements and analysis reveal important structural properties of a priori complex criminal ecosystems. I will in particular demonstrate the existence of "choke points" both in traffic brokering and product supply, which should be prime targets for intervention.
In addition to disrupting attackers' operations, improving overall network security also requires users strengthen their defenses -- but which incentives do they have to do so? I will introduce a game-theoretic model that we developed to describe how rational users respond to security threats in large-scale networks. I will use this model to show how network effects, specifically negative network externalities, strongly influence security decision making. I will conclude by outlining a roadmap for future security research combining measurements, mathematical modeling and behavioral aspects.
Biography
Nicolas Christin is the Associate Director of the Information Networking Institute at Carnegie Mellon University, and a Senior Systems Scientist in CyLab, Electrical and Computer Engineering, and Engineering and Public Policy. He holds a Diplôme d'Ingénieur from École Centrale de Lille, and M.S. and Ph.D. degrees in Computer Science from the University of Virginia. After a postdoc in the School of Information at the University of California, Berkeley, he joined Carnegie Mellon in 2005. He served for three years as resident faculty at CMU CyLab Japan, before returning to Carnegie Mellon's main campus in 2008. His research is in computer security and networking, and spans a broad range of interests, from systems to policy research. He has most recently focused on online crime, security economics, and behavioral aspects of computer security. He equally enjoys field measurements and mathematical modeling.
With the rise of financially-motivated computer abuse, understanding economic incentives of both attackers and targets has become critical to strengthening online security. In this talk, I will advocate the need for a broad research agenda, ranging from network measurements and analysis to game-theoretic modeling.
I will first show how empirical network measurements help better design intervention mechanisms against attackers. Using the online sale of unlicensed pharmaceutical drugs as a case study, I will describe how longitudinal, large-scale measurements and analysis reveal important structural properties of a priori complex criminal ecosystems. I will in particular demonstrate the existence of "choke points" both in traffic brokering and product supply, which should be prime targets for intervention.
In addition to disrupting attackers' operations, improving overall network security also requires users strengthen their defenses -- but which incentives do they have to do so? I will introduce a game-theoretic model that we developed to describe how rational users respond to security threats in large-scale networks. I will use this model to show how network effects, specifically negative network externalities, strongly influence security decision making. I will conclude by outlining a roadmap for future security research combining measurements, mathematical modeling and behavioral aspects.
Biography
Nicolas Christin is the Associate Director of the Information Networking Institute at Carnegie Mellon University, and a Senior Systems Scientist in CyLab, Electrical and Computer Engineering, and Engineering and Public Policy. He holds a Diplôme d'Ingénieur from École Centrale de Lille, and M.S. and Ph.D. degrees in Computer Science from the University of Virginia. After a postdoc in the School of Information at the University of California, Berkeley, he joined Carnegie Mellon in 2005. He served for three years as resident faculty at CMU CyLab Japan, before returning to Carnegie Mellon's main campus in 2008. His research is in computer security and networking, and spans a broad range of interests, from systems to policy research. He has most recently focused on online crime, security economics, and behavioral aspects of computer security. He equally enjoys field measurements and mathematical modeling.
Links
Practical information
- Informed public
- Free
- This event is internal
Contact
- Christine Moscioni