Research

Current Projects

Network-Level Security Posture Assessment and Predictive Analytics: From Theory to Practice (NSF SaTC TTP, 2016-2020)

Abstract
This project aims to address the following two questions: (1) how to assess the security condition of a network, and (2) to what extent we can predict data breaches or other cyber security incidents for an organization. The ability to do so has far-reaching social and economic impact: data has become an ever more important asset in any business, and recent data breaches such as those at Target, JP Morgan, Home Depot, Office of Personnel Management (OPM), and Anthem Healthcare, to name just a few, highlight the increasing social and economic impact of such cyber incidents. Often, by the time a breach is detected, it is too late and the damage has already occurred. Consequently, being able to predict such incidents accurately can greatly enhance an organization’s ability to put preventative and proactive measures in place and make much more judicious and effective resource allocation decisions in doing so. In addition, the answer to these questions has enormous implications for policy design, not only security policies, but also various incentive mechanisms aimed at encouraging the adoption of better security policies and cybersecurity frameworks, including cyber insurance, liability limitation, and rate recovery among others; see, e.g., the Presidential Policy Directive PPD-21. This project follows a comprehensive agenda aimed at transitioning to practice technologies developed by the research team over the past few years in the domain of quantitative assessment of security posture on a network or organizational level, and the use of such assessment for the purpose of forecasting cyber security incidents.
The technological innovation is a sound quantitative framework that combines a large collection of cybersecurity data, novel data processing methods, advanced machine learning techniques, and extensive cybersecurity domain expertise to produce accurate predictions of security incidents for a given organization, thereby providing tangible information and crucial input for decision makers such as an insurance underwriter or an enterprise customer seeking to validate a vendor.

EAGER: Theory and Practice of Risk-Informed Cyber Insurance Policies: Risk Dependency, Risk Aggregation, and Active Threat Landscape (NSF, 2019-2021)

Abstract
This project aims to tackle some of the most significant challenges facing the design and adoption of risk-informed cyber insurance policies; these challenges include cyber risk interdependence, correlated risk and value-at-risk, and a fast-changing threat landscape. The proposed research has the potential to bring about a paradigm shift in the design of cyber insurance policies so that they are used as effective economic and incentive mechanisms consistent with cyber risk realities; in doing so it also introduces new ways of thinking about cybersecurity in a holistic, risk management context. Consequently, the proposed research has direct impact on the current practice by cyber insurance carriers and thus the potential to dramatically change the status quo. It has broader impacts on public policy and incentive mechanism design aimed at encouraging the adoption of better cybersecurity frameworks.

Connected Testbeds for Connected Vehicles (NSF CPS Synergy)

Abstract
This research team envisions that connected testbeds, i.e., remotely accessible testbeds integrated over a network in closed loop, will provide an affordable, repeatable, scalable, and high-fidelity solution for early cyber-physical evaluation of connected automated vehicle (CAV) technologies. Engineering testbeds are critical for empirical validation of new concepts and transitioning new theory to practice. However, the high cost of establishing new testbeds or scaling the existing ones up hinders their wide utilization. Enabling high-fidelity cyber-integration of existing but geographically dispersed testbeds can dramatically increase accessibility to engineering experimentation, just as the internet dramatically increased accessibility to information. This project aims to develop a scientific foundation to support this vision and demonstrate its utility for developing CAV technologies. This application is significant because a synergistic combination of connected vehicles and automated driving technologies is poised to transform the sustainability of our transportation system; automated driving technologies can leverage the information available from vehicle-to-vehicle (V2V) connectivity in optimal ways to dramatically reduce fuel consumption and emissions. However, state-of-the-art simulation and experimental capabilities fall short of addressing the need for realistic, repeatable, scalable, and affordable means to evaluate new CAV concepts and technologies. On the one hand, purely simulation-based studies could be off by as much as 27% in terms of fuel economy and as much as 350% in terms of emissions. On the other hand, experimental studies with fleets of vehicles are very expensive and not easily repeatable. In addition, the literature extensively exploits connectivity to improve traffic flow, but there is also a vast untapped potential for leveraging the information available from connectivity at the powertrain level to increase sustainability.
Thus, the goal of this project is to enable a high-fidelity integration of geographically dispersed powertrain testbeds and use this novel experimental capability to develop and test powertrain-level strategies to increase the sustainability benefits of CAVs.

Other current projects:

Past Projects