Quantitative Cyber Risk Assessment: From Breach Prediction to Incentive Design

Friday, March 23, 2018 - 11:00am EDT

  • Location: 2 MetroTech Center, 10th Floor, 10.099
  • Contact: Justin Cappos

Speaker: Mingyan Liu, University of Michigan, Ann Arbor


In this talk, I will present our ongoing effort in the quantitative assessment of an organization's cybersecurity risk from externally observable properties, by applying modern machine techniques to large quantities of Internet measurement data.  Specifically, I will first describe the use of host malicious activity data (including spam, phishing, and active scanning) combined with network configuration data to obtain cybersecurity incident prediction at an organizational level.  I will then describe the additional use of business details about an organization to obtain more fine-grained prediction, which examines not just the overall risk of an incident, but the types of incidents it is particularly susceptible to.  Both of these studies follow a supervised learning framework where ground truth information in the form of data breach reports is used.  In the third study I will show how deep learning techniques can be used to obtain application-agnostic, universal, and light-weight features from global scan measurements in an unsupervised setting; these features can then be used in a variety of supervised learning applications including that of prediction of malicious hosts.  I will conclude the talk by describing how our ability to make predictions, or more generally, our ability to quantify at a global level the security postures of organizations, can be crucial in designing mechanisms to induce more socially desirable behaviors at the firm level.  In particular, quantitative assessment of this type may be viewed as creating a form of "public monitoring" that enables inter-temporal incentives to sustain long-term security information sharing among firms, or viewed as a form of "security pre-screening" to effectively mitigate moral hazard in underwriting cyber insurance policies through premium discrimination.


Mingyan Liu received her Ph.D. in electrical engineering from the University of Maryland, College Park, in 2000.  She has since been with the Department of Electrical Engineering and Computer Science at the University of Michigan, Ann Arbor, where she is currently a Professor.  Her research interests are in optimal resource allocation, incentive design, and performance modeling and analysis, all within the context of communication networks.  Her most recent research activities involve online learning, modeling and mining of large scale Internet measurement data concerning cybersecurity, and incentive mechanisms for inter-dependent security games.  She is the recipient of the 2002 NSF CAREER Award, the University of Michigan Elizabeth C. Crosby Research Award in 2003 and 2014,  the 2010 EECS Department Outstanding Achievement Award and the 2015 College of Engineering Excellence in Education Award.  She holds Best Paper Awards from the International Conference on Information Processing in Sensor Networks (IPSN) in 2012 and the IEEE/ACM International Conference on Data Science and Advanced Analytics (DSAA) in 2014.  She serves/has served on the editorial board of IEEE/ACM Trans. Networking, IEEE Trans. Mobile Computing, and ACM Trans. Sensor Networks.  She is a Fellow of the IEEE and a member of the ACM.