McIntire School Part of $1.5 Million NSF Grant to Examine Use of Analytics and Crowdsourcing for Cybersecurity

February 11, 2015

Article Image Group

McIntire Professor of Information Technology Ahmed Abbasi and a team of cybersecurity experts from The University of Utah, The University of Texas at Dallas, Drexel University, and the University of Arizona have been awarded a $1.5 million grant from the National Science Foundation to investigate the root causes of cybersecurity attacks, as well as how such attacks might be predicted and prevented.
 
Broad-Ranging Expertise
Seeking to gain insight into not only the technological elements of the attacks, but also their political, social, and psychological drivers, Abbasi says a key objective of the grant is to combine the expertise of computational, data, and social scientists. “Security is a sociotechnical problem,” he notes. “To really understand security breaches, factors pertaining to sociology and psychology must be considered. What drives people to conduct cybersecurity attacks? How do economic, political, and cultural indicators correlate with the origins and destinations of various attacks? More, what psychological factors impact users’ susceptibility to phishing?”
 
Although existing research in both the hard and social sciences has examined issues of cybersecurity, Abbasi says there has been little multiperspectival examination of the subject. “We hope to create an integrated, interdisciplinary community that will really help to extend and enrich the existing body of cybersecurity knowledge,” he says.
 
One-Two Punch
Abbasi and his fellow researchers will first focus on building a rich, large-scale “test bed” composed of tens of millions of data points from online hacker communities, phishing attacks, and geopolitical content. The test bed, in turn, will be integrated into an online portal equipped with a suite of predictive and descriptive analytics tools that will scour the data, allowing users to analyze, forecast, segment, and draw correlative and causal associations from it.
 
Some of the data, Abbasi says, will also be used in predictive analytics competitions hosted at data-mining workshops, at security conferences, and through third-party crowdsourcing websites that cater to the data scientist community; such crowdsourcing events, he notes, have proven to be remarkably efficient generators of creative—and effective—solutions to some of the most vexing business and scientific conundrums.
 
“Our goal in devising this complementary test bed and tool kit is to enable the research and practitioner communities to unearth critical relationships hidden within the data,” Abbasi says. “Our hope is that identifying those relationships will help us to predict—and prevent—cybersecurity breaches that have so far proven unforeseeable.”