Machine learning methods for personalized cybersecurity
Download
Report
Transcript Machine learning methods for personalized cybersecurity
Machine Learning Methods for
Personalized Cybersecurity
Jaime G. Eugene
Mehrbod
Applying
machine
learning
and
Carbonell
Sharifi
Fink
artificial intelligence to adapt
cybersecurity tools to the needs
of (naïve) individual users.
Individual user differences
• Security needs
- Data confidentiality
- Data-loss tolerance
- Recovery costs
• Usage patterns
• Computer knowledge
Different users need
different security tools.
Problem
• Inflexible engineered solutions
with “too much security”
- Too high security at high costs
- Insufficient customization options
• “Advanced user” assumption
- Complicated customization
- Unclear security warnings
Examples
Typical response of naïve users:
• Always no (too much security)
• Always yes (not enough security)
• Ask a techie if available
Population statistics
Computer use by
age and gender
User naïveté
correct
answers
Population statistics
• Almost everyone uses a computer
• Most users are naïve, with very
limited technical knowledge
• Many security problems are
due to the user naïveté
When an average user deals with
security issues, she often needs
basic advice and handholding.
Long-term goal
We need an automated security
assistant that learns the needs
of the individual user and helps
the user to apply security tools.
Research problems
• Learning about the user
Usage
patterns
• Elicitation of security needs
- Technical knowledge
Understandable
questions
• Understandable
- Security choices warnings
-- Not-Sure
Optimized
question
selection
response
option
• Learning
across
multiple
users
-- Explanation
Conversion
of
the
elicited
answers
customized to the
- to
Learning
from
observations
appropriate
security
settings
user
technical
knowledge
-- Advice
Integration
of expert
advice
customized
to the
user needs
- Optimization
Distributed processing
of massive data
of yes/no decisions
Architecture
Top-Level Control
Model current Model
Const- model Evaluruction
ation
answers and
observations
model
utility and
limitations
Security
Decision
Optimizer
Data
Collection
Question
Selection
questions