Evaluating Security Outcomes: Applying Evidence-based Security to Improve Cybersecurity Risk

Facebook invited submissions from university researchers and faculty, non-profit organizations, and NGOs for applied research proposals to improve the security, privacy, and safety of internet users.  Their goal is to spur the development of technology that may be applied in practice.  Facebook awarded up to $100,000 per proposal for the Secure the Internet Grant.

CNS/CSE Professors Stefan Savage and Geoffrey Voelker received a $75,000 grant for their proposal, “Evaluating Security Outcomes: Applying Evidence-based Security to Improve Cybersecurity Risk.”  This project will bring large portions of cybersecurity under an evidence-based umbrella, correlating concrete cybersecurity outcomes (e.g., whether a particular machine is compromised or a credential is stolen) with concrete security behaviors (e.g., whether the software is patched, or whether the user of the machine visits file-sharing sites).  Their lab plans to use this approach to empirically evaluate particular hypotheses (e.g., a correlation between the use of file-sharing sites and host compromise might be explained by the poisoning of the file-sharing ecosystem with malware).  They will also develop network measurement tools to extract a broad array of security-relevant behaviors as well as indicators of outcomes, using the machines connected to UC San Diego’s network as the basis of the study.