Computer Security Visualization and Economics of Security
Dr. Qi Liao
Central Michigan University
In this talk, I will give a brief overview of a few current research projects on two important topics: 1) security data analysis and visualization, and 2) economics of computer security. In the first part, I will focus on anomaly detection in large-scale networks. Algorithms in graph theory, graph data mining and graph visualization techniques can be useful, in which automation is combined with knowledge from domain experts. Through demos and case studies, I will show the tools we developed and their usefulness in situation awareness, network management and security investigation. In my second part of talk, I will approach computer security from a different angle, i.e., economic perspective. Most hard security problems are essentially economic problems. Given that money is perhaps the single determining force driving the growth of many malicious cyber-activities (such as botnet attacks), we propose interesting economic approaches to take away the root cause of botnets, i.e.,
the financial incentives. In addition, many security problems involve interactions between attackers and defenders. This can be naturally modeled in a game theoretical framework and Nash equilibria may be derived. Through modeling security problems in economic model, we show their usefulness for better understanding and ultimately solving the security problems.