Risk Measurement and Mitigation

While cyber risk assessment is one of the most studied topics in the systems security field, most of the existing work focuses on assessing the cyber risk through indicators that are commonly accepted to be positively correlated, without performing real experiments on real data. Therefore, most of the existing works remain theoretical. Our main goal is to fill this gap by devising new techniques that can automatically identify indicators that are highly correlated with cyber risk. This feat will be accomplished by conducting experimental research.

Risk Analysis of Cyber Interactions

Explore specific linguistic and/or cultural factors linked to deception since campaigns can sometimes be language-specific.

Threat Specific Predictive Analytics

Perform predictions for specific type of cyber threats. This also could be done in different granularities: we can do it based on the malware family, based on the malware type (ransomware, banking trojan etc.), based on higher level malware classification (eg; cyber espionage, state-sponsored attacks, data breaches, classic cyber threats etc).

Causality Analysis

Identify the real causes of risk. Construct probabilistic inference over the causality relation between potential factors and the risk scoring output. More precisely, we will investigate how to model the conditional probability P(risk score| potential factors) and P(potential factors | risk) simultaneously, so that we can confirm the existence of causality relation.