Data-Driven Model-Based Decision-Making

shutterstock_286788212Investigators: William Sanders, Masooda Bashir, David Nicol, and Aad Van Moorsel

Researchers: Ken Keefe, Mohamad Noureddine, Charles Morriset and Rob Cain

The goal of this project is to develop quantitative, scientifically grounded, decision-making methodologies to guide information security investments in private or public organizations, combining human and technological concerns, to demonstrate their use in two or more real-life case studies, prototype tools and demonstrate their proof of concept on those case studies. It is our hypothesis that quantitative security models, augmented by collected data, can be used to make credible business decisions about the use of particular security technologies to protect an organization’s infrastructure. The key output of this research will be a data-driven, model-based methodology for security investment decision-making, with associated software tool support, and a validation of the usefulness of the tool in a realistic setting. The main scientific contributions will be new abstractions for modeling human behavior, and techniques and tools for optimization of the associated data collection strategy.

This project is a collaboration between the University of Illinois at Urbana-Champaign and Newcastle University.

Hard Problems Addressed

Publications

  1. John C. Mace, Charles Morisset, and Aad van Moorsel, “Modelling User Availability in Workflow Resiliency Analysis“, Symposium and Bootcamp on the Science of Security (HotSoS 2015), Urbana, IL, April 21-22, 2015. [full text]
  2. John C. Mace, Charles Morisset, and Aad van Moorsel, “Impact of Policy Design on Workflow Resiliency Computation Time”, Quantitative Evaluation of Systems (QEST 2015), Madrid, Spain, September 1-3, 2015. [full text]
  3. John C. Mace, Charles Morisset, and Aad van Moorsel, “Resiliency Variance in Workflows with Choice”, International Workshop on Software Engineering for Resilient Systems (SERENE 2015), Paris, France, September 7-8, 2015. [full text]
  4. Ken Keefe and William H. Sanders, “Reliability Analysis with Dynamic Reliability Block Diagrams in the Mobius Modeling Tool”, 9th EAI International Conference on Performance Evaluation Methodologies and Tools (VALUETOOLS 2015), Berlin, Germany, December 14-16, 2015. [full text]
  5. Hoang Hai Nguyen, Kartik Palani, and David M. Nicol, “An Approach to Incorporating Uncertainty in Network Security Analysis”, Symposium and Bootcamp of the Hot Topics in Science of Security (HotSoS 2017), Hanover, MD, April 4-5, 2017. [full text]
  6. John C. Mace, Nippun Thekkummal, Charles Morisset, and Aad van Moorsel, “ADaCS: A tool for Analysing Data Collection Strategies”, 14th European Performance Engineering Workshop (EPEW 2017), Berlin, Germany, September 7-8, 2017, to appear.

Presentations

  1. July 2014, NSA SoS Quarterly Meeting, Bill Sanders: Making Sound Design Decisions Using Quantitative Security Metrics [slides]
  2. December 2014, NSA SoS Biweekly Meeting, Kenneth Keefe: Making Sound Security Decisions Using Quantitative Security Metrics [slides]
  3. February 2015, NSA SoS Biweekly Meeting, Mohammad Noureddine: Human Aware Science of Security [slides]
  4. April 2015, NSA SoS Biweekly Meeting, Mohammad Noureddine: A Taxonomy of Human Behavior in Cybersecurity [slides]
  5. April 2015, invited tutorial, Symposium and Bootcamp on the Science of Security (HotSoS), Bill Sanders: Security-Metrics-Driven Evaluation, Design, Development and Deployment
  6. July 2015, NSA SoS Quarterly Meeting, Bill Sanders: Accounting for User Behavior in Predictive Cyber Security Models [slides]
  7. October 2015, ITI Trust and Security/Science of Security Seminar, Mohammad Noureddine: Accounting for User Behavior in Predictive Cyber Security Models [slides & video]
  8. July 2016, NSA SoS Quarterly Meeting, Bill Sanders: A Quantitative Methodology for Security Monitor Deployment
  9. July 2016, NSA SoS Quarterly Meeting, poster session, Ken Keefe and Bill Sanders: ADVISE – Adversary View Security Evaluation: Practical Metrics for Enterprise Security Engineering [poster]
  10. July 2016, NSA SoS Quarterly Meeting, poster session, John C. Mace, Nipun Thekkummal, and Aad van Moorsel: Sensitivity Analysis of Probabilistic Workflow Models with Security Constraints [poster]
  11. April 2017, Symposium and Bootcamp in the Science of Security (HotSoS 2017), poster session, Kelly Greeling, Alex Withers, and Masooda Bashir: Factors for Differentiating Human from Automated Attacks [poster]