notice
Invited Speaker Seminar: Clinical trials in computer security - Report on a world-first proof-of-concept experiment
Dr. Jose M. Fernandez,
Associate Professor, Polytechnique Montreal
Thursday, September 18, 2014 at 4:00 p.m.
Room EV003.309
Abstract
The success of malicious software (malware) attacks often depend upon both technical and human factors. Most mass-market and targeted attacks depend on user actions such as clicking on drive-by-download web sites or opening email attachments. In addition, even the most security conscious users are vulnerable to zero-day exploits and even the best security mechanisms can be circumvented by poor user choices. While there has been significant research addressing the technical aspects of malware attack and defense, there has been much less research reporting on how human behavior interacts with both malware and current malware defenses.
To try to shed some light on this issue, we performed at Polytechnique Montreal a 4 month-long field study, conducted in a fashion similar to the clinical trials used to evaluate medical interventions and pharmaceutial drugs. This study involved 50 subjects whose laptops were instrumented to monitor possible infections and gather data on user behavior. Although the population size was limited, this initial study produced some intriguing, non-intuitive insights into the efficacy of current defenses, particularly with regards to the technical sophistication of end users. In this presentation, we will describe the methodology employed, present some of the results obtained and discuss lessons learned from the design and worldwide-first conduction of an experiment of this type in computer security.
Joint work with Fanny Lalonde Levesque (Polytechnique) and Anil Somayaji & Sonia Chiasson (Carleton University), presented at CSET 2014, ACM CCS 2013, USEC 2012 and Virus Bulletin 2012.
Biography
Dr. Fernandez is an associate professor in the Department of Computer & Software Engineering at Polytechnique Montreal. He heads the Laboratory for Information Security Research (SecSI) and his main area of research is computer security. His current research interests include malware, cybercrime, cyber warfare, security of SCADA systems, security product testing methodologies, and security and integration of logical and physical access control systems. He has several years of professional experience as a practitioner of Information Security in both industry and government. He holds Bachelor’s degrees in Mathematics and Computer Science and Engineering from MIT, a Master’s in Cryptology from the University of Toronto, and a Ph.D. in Quantum Computing from the Université de Montréal.
Contact
For additional information, please contact:
Dr. Mohammad Mannan
514-848-2424 ext. 8972
mmannan@ciise.concordia.ca