Quantitative Security Metrics for Cyber-Human Systems
Investigators: William Sanders and David Nicol
This project looks at how security metrics that take into account user behavior can be used in the design process. We propose both fundamental work in modeling methodology, formalisms, and solution methods, and practical implementation in software form. When completed, this modeling approach will provide a structured and quantitative means of analyzing cyber security problems whose outcomes are influenced by user, attacker, and system, interactions. This capability is a key element in creating a true science of security.
Hard Problem Addressed
- Security-Metrics-Driven Evaluation, Design, Development and Deployment
- Craig Buchanan, “Simulation Debugging and Visualization in the Mobius Modeling Framework”, Master of Science Thesis, Department of Electrical and Computer Engineering, University of Illinois at Urbana-Champaign, May 2014. [full text]