Cyber security
The spreading of ideas, memes, norms, products, and diseases are a few examples of phenomena that can be studied and modeled as contagion processes on networks. Surprisingly, the contagion dynamics of semantic social engineering threats, such as phishing, scams, drive-by malware, etc., have so far received little attention. Indeed, although they spread primarily through online social networks, studies in cyber security have focused mainly on defining the characteristics (i.e., features) of threats and users that are more likely to result in successful attacks. In other words, the complexity emerging from the unsupervised interactions and actions of large numbers of users, as well as from threat strategies, has been largely neglected. To tackle these limitations, we recently introduced a theoretical framework to study the spreading on networks of computer viruses based on social engineering deception strategies [1]. The framework allows us to characterize the complex interplay between the heterogeneous susceptibility of individuals and their time-varying connectivity patterns. However, it is a theoretical construct and much more needs to be done.
In order to characterize the complex dynamics at play and develop a deeper understanding of how cyber threats based on social engineering attacks diffuse, we are developing an experimental online platform that allows users to interact by passing content (potentially compromised) to, and receiving it from, others. I plan to consider different threats and network configurations, provide different levels of information to each user about his/her contacts, and study the dynamics of threat diffusion. The aim is to isolate the social mechanisms responsible for the spreading of cyber threats in online networks and devise new, efficient ways of providing cyber protection at the societal level. Furthermore, we have been investigating possible extensions and applications of the theoretical framework mentioned above in the context of classic machine learning algorithms adopted to infer the risks of cyber attacks in a networked system of computers/servers. Indeed, current approaches are based on anomaly detection and/or pattern recognition but lack more sophisticated representations of the threat and of its spreading that could help the detection task.