90 likes | 106 Views
Jaime G. Carbonell. Mehrbod Sharifi. Eugene Fink. Machine Learning Methods for Personalized Cybersecurity. Applying machine learning and artificial intelligence to adapt cybersecurity tools to the needs of (naïve) individual users. Individual user differences.
E N D
Jaime G.Carbonell MehrbodSharifi EugeneFink Machine Learning Methods forPersonalized Cybersecurity Applying machine learning and artificial intelligence to adapt cybersecurity tools to the needs of (naïve) individual users.
Individual user differences • Security needs- Data confidentiality- Data-loss tolerance- Recovery costs • Usage patterns • Computer knowledge Different users need different security tools.
Problem • Inflexible engineered solutionswith “too much security”- Too high security at high costs- Insufficient customization options REIGN OF CONFUSION • “Advanced user” assumption- Complicated customization- Unclear security warnings
Typical response of naïve users: • Always no (too much security) • Always yes (not enough security) • Ask a techie if available Examples
User naïveté correctanswers Population statistics Computer use byage and gender
Population statistics • Almost everyone uses a computer • Most users are naïve, with very limited technical knowledge • Many security problems aredue to the user naïveté When an average user deals with security issues, she often needs basic advice and handholding.
Long-term goal We need an automated security assistant that learns the needs of the individual user and helps the user to apply security tools. MACHINE LEARNING TO THE RESCUE
Research problems • Learning about the user- Usage patterns- Technical knowledge- Security choices • Elicitation of security needs- Understandable questions- Optimized question selection- Conversion of the elicited answers to appropriate security settings • Understandable warnings- Not-Sure response option- Explanation customized to the user technical knowledge- Advice customized to the user needs- Optimization of yes/no decisions • Learning across multiple users- Learning from observations- Integration of expert advice- Distributed processing of massive data
Architecture Top-Level Control modelutility andlimitations ModelConst-ruction QuestionSelection ModelEvalu-ation currentmodel SecurityDecision Optimizer answers andobservations questions DataCollection