Personalized%20Cybersecurity%20for%20Dummies

1
Personalized Cybersecurityfor Dummies
Application of machine learning and crowdsourcing
to adapt cybersecurity tools to the needs of
(naïve) individual users.
2
Individual user differences

• Security needs- Data confidentiality- Data-loss
  tolerance- Recovery costs
• Usage patterns
• Computer knowledge

3
Problems

• Inflexible engineered solutionswith too much
  security- Too high security at high costs-
  Insufficient customization

REIGN OF CONFUSION

• Advanced user assumption- Complicated
  customization- Unclear security warnings

4
Examples
5
Population statistics
Computer use byage and gender
6
Population statistics

• Almost everyone uses a computer
• Most users are naïve, with very limited technical
  knowledge
• Many security problems aredue to the user naïveté

When an average user deals with security issues,
she needs basic advice and handholding.
7
Long-term goal
We need an automated security assistant that
learns the needs of the individual user and helps
the user to apply security tools.
MACHINE LEARNING TO THE RESCUE
8
Initial results
A security assistant for web browsing, integrated
with Internet Explorer.
9
More problems
Automated tools cannot detect advanced threats
that go beyond software attacks.
10
Long-term goal
Rely on the collective wisdom of the users.
CROWDSOURCING TO THE RESCUE
Gather
USERS OF THE WORLD, UNITE!
11
Initial results
A browser plug-in for the gathering of opinions
and warnings about web pages.
12
Future research

• Summarization of comments
• Analysis of sentiments and biases
• Identification of reliable contributors
• Synergy with other techniques for analysis of web
  pages
• and so on