"Bottom Line Security: Understanding the True Cost of Cybersecurity Attacks"
Mar 30, 2016
Download: MP4 Video (Size: 160.7MB)
Watch on YouTube
Abstract
Using the Internet is a risky venture: cybercriminals could be lurking behind any email or in any web page, just waiting to compromise your machine. Practicing and researching cybersecurity is about minimizing that risk. Unfortunately, modern cybercriminals don't compromise machines just because they can; they do it to make money or steal data. Likewise, the risks that end users care about aren't measured in vulnerabilities discovered or hosts compromised: what they care about is losing hard-earned money, embarrassing pictures, or simply a night of their free time because they had to remove malware from the family computer. Cybersecurity research should minimize the chance of successful attacks by maximizing the number of vulnerabilities patched or infiltrations thwarted. However, these technical goals are fundamentally intermediate goals: the ultimate goal of cybersecurity is to minimize the amount of harm that comes to users, a quantity denominated in dollars lost, days spent recovering from attacks, or data lost to attackers. By quantifying the harm of these attacks in these meaningful units, we can focus defenses and mitigations on the attacks that cause the most harm to the Internet's users.
This presentation will highlight recent results that improve our understanding of the true cost of cybercrime. I'll also show how these results can lead to actionable insights into which attacks we should be spending our finite effort combating. I'll cover losses due to affiliate fraud, measured in profits lost both by the platforms and by legitimate marketers. I'll also cover losses incurred due to typosquatting: while typosquatting is perpetrated by thousands upon thousands of domains, the harm it causes is not clear. We use a model which quantifies how many visitors legitimate sites lose and how much time end users waste when they visit these sites. Finally, I'll showcase a tool which quantifies the value of a user's private data (their account logins), which can motivate better security behavior through a personalized warning about how much their account might be worth to cybercriminals.
About the Speaker
Chris Kanich is an Assistant Professor in the Department of Computer Science at the University of Illinois at Chicago. He received his Ph.D. in Computer Science and Engineering at UC San Diego and a B.S. in Mathematics and Computer Science at Purdue University. His current research focuses on improving user experience in the face of cybersecurity attacks. His approach uses myriad data-driven techniques (anything from botnet infiltration to user studies) to improve our understanding of how to counteract the true motivations of cybercriminals and minimize real-world losses for targets of cybercrime.
Unless otherwise noted, the security seminar is held on Wednesdays at 4:30 P.M. in STEW G52 (Suite 050B), West Lafayette Campus.