Title: Harvesting the Low-hanging Fruits: Defending Against Automated Large-Scale Cyber-Intrusions by Focusing on the Vulnerable Population*

Abstract:
The orthodox paradigm for defending against automated social-engineering attacks in large-scale socio-technical systems is reactive and victim-agnostic: defences generally focus on identifying the attacks or attackers (e.g., phishing emails, social-bot infiltration, malware offered for download). To change the status quo, we propose to identify, even if imperfectly, the vulnerable population, that is, the accounts and devices that are likely to fall victim to such attacks. Knowledge of the vulnerable population can be used in two ways. First, the defender can influence the vulnerable population through several means, including education, a specialized user experience, extra protection layers, and watchdogs; in the same vein, this knowledge can be used to fine-tune and re-prioritize defence mechanisms so that they offer differentiated protection. Second, differences between the general population and the vulnerable population can be used to identify an attack in progress or accounts that have already been compromised. This talk presents the proposed paradigm, considers its implications for existing defences, and discusses how knowledge of the vulnerable population can enable more robust defences.

Short bio:
Konstantin (Kosta) Beznosov is a Professor at the Department of Electrical and Computer Engineering <http://www.ece.ubc.ca/>, University of British Columbia <http://www.ubc.ca/>, where he directs the Laboratory for Education and Research in Secure Systems Engineering <http://lersse.ece.ubc.ca/>. His research interests are usable security, mobile security and privacy, security and privacy in online social networks, and web security. Prior to joining UBC, he was a Security Architect at Hitachi Computer Products (America) <http://www.hitachiomd.com/> and at Concept Five. Besides many academic papers <http://lersse-dl.ece.ubc.ca/search?rg=500&f=author&p=beznosov&sc=1>, he is a co-author of the books “Enterprise Security with EJB and CORBA <http://www.amazon.com/Enterprise-Security-EJB-CORBA-r/dp/0471401315>” and “Mastering Web Services Security <http://www.amazon.com/Mastering-Services-Security-Bret-Hartman/dp/0471267163/ref=sr_1_1?ie=UTF8&s=books&qid=1236485538&sr=1-1>”, as well as of the XACML <http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml> and several CORBA security specifications. He has served on program committees and/or helped to organize SOUPS, ACM CCS, the IEEE Symposium on Security & Privacy, NSPW, NDSS, ACSAC, and SACMAT. Prof. Beznosov has served as an associate editor of ACM Transactions on Information and System Security (TISSEC) and of Elsevier’s Computers & Security <http://www.journals.elsevier.com/computers-and-security/>.
Home page: http://konstantin.beznosov.net/professional/