This project tackles the social and economic elements of Internet security: how the motivations and interactions of attackers, defenders, and users shape the threats we face, how they evolve over time, and how they can best be addressed. While security is a phenomenon mediated by the technical workings of computers and networks, it is ultimately a conflict driven by economic and social issues that merit a commensurate level of scrutiny. Today's online attackers are commonly profit-seeking, and the implicit social networks that link them together play a critical role in fostering the innovation and the efficiency underlying cybercrime markets. Further, the socio-economic lens can provide vital insights not only for understanding attackers, but victims too. Today's consumers, corporations, and governments make large investments in security technology with little understanding of their ultimate return-on-investment. And the ease with which we adopt online personas and relationships has created a collective blind spot that attackers exploit all-too-easily.
Grappling with these socio-economic dimensions is of fundamental importance for achieving a secure future information infrastructure, and developing a sound understanding of them requires research grounded in empiricism. Accordingly, the project has four key components: (1) pursue in-depth empirical analyses of a range of online criminal activities; (2) map out the evolving attacker ecosystem that preys on online social networks, and the extent to which unsafe online behavior is itself adopted and transmitted; (3) study how relationships among these criminals are established, maintained, and evolve over time; and (4) measure the efficacy of today's security interventions, both in the large and at the level of individual users. Across all of these efforts, the aim is to identify bottleneck elements where interventions might most effectively undermine entire ecosystems of abusive and criminal activities. Consequently, this research has the potential to dramatically benefit society by undermining entire cybercrime ecosystems: disrupting underground activities, infrastructure, and social networks through strategic intervention. The work will also create numerous educational opportunities, including undergraduate and graduate education as well as workforce education for security professionals, law enforcement, civil regulatory agencies, and legal scholars and professionals tasked with countering modern Internet threats.
