The social science of cyberattacks

Nov 08, 2013 by Eric Swedlund

Thwarting cyberattacks could be as much a task for social scientists as it is for computer engineers.

A unique research collaboration at the University of Arizona is working on a special NSF exploratory grant to test exactly that notion, hoping that cooperation between social and can yield a breakthrough.

Cybersecurity is essential for protecting national interests in terms of defense and finance, but those security needs are increasingly found in other sectors as well.

However, current defenses have limited capabilities in predicting cyberattacks or determining their sources. Brint Milward, lead investigaor of the UA's grant, says the typical understanding of cyberattacks is along the lines of studying symptoms instead of a disease.

Milward, the Providence Service Corporation Chair in the School of Government and Public Policy, is teaming with sociology professor Ronald Breiger and two colleagues from electrical and computer engineering – Loukas Lazos and Jerzy W. Rozenblit, University Distinguished Professor and Raymond J. Oglethorpe Endowed Chair – to develop models of characteristics, classify adversarial groups according to similar features and analyze those groups using social network science.

"What we're saying from the social science perspective is don't focus on the attack. Focus on the attackers," Milward said. "Tracing where these attacks come from when they're bounced off computers all over the world is extraordinarily difficult and the best you can do is trace them back to a country. The ideal would be to move beyond that to identify the groups and their motives. A second best solution may be to identify the attackers by the kind of attack they carry out."

The researchers are integrating cyber data forensics with human-centric social network analysis, a novel approach that Milward hopes will contribute to counter-strategies down the road.

"One of the things we've done initially is classified attacks according to the purpose, like recreation, where people just want to create trouble, ideology, revenge and profit. All those things could be the motive and if you could attach a signature, based on the techniques a group uses to any of those motives, it tells you about the kinds of people who are engaging in this," Milward said.

"What the computer scientists are able to do is analyze enormous amounts of data and from that we can look at the smaller set of data associated with these attacks. In looking at the attacks, we can infer from the nature what the strategy or motive would be and find a signature and over time we can hopefully attach that signature to specific groups."

The proof-of-concept grant will also test whether the research team's interdisciplinary approach can yield answers that have eluded individual researchers in a single academic discipline.

"Can we bring people from very different fields with very different skill sets to attack a very hard problem and are they going to be able to tell us things that other people can't?"

Explore further: Japan court orders Facebook to reveal revenge porn IP addresses

add to favorites email to friend print save as pdf

Related Stories

3Qs: The rules of cyber-engagement

Mar 06, 2013

The Obama administration is close to approving the nation's first set of rules for how the military can defend or retaliate against a major cyberattack, according to a report last month in The New York Ti ...

Researchers warn of 'hit and run' cyber attackers

Sep 26, 2013

Security researchers said Wednesday they uncovered a "cyber mercenary" team which specializes in attacks on targets in Japan and South Korea, and warned of more operations of that nature.

Answers to your questions about massive cyberattack

Mar 29, 2013

Here are some answers to questions about perhaps the biggest cyberattack ever, which recently targeted Spamhaus, an anti-spam group based in Geneva and London. It ended up slowing down or blocking access to numerous Interne ...

Recommended for you

Kickstarter suspends privacy router campaign

Oct 20, 2014

Kickstarter has suspended an anonymizing router from its crowdfunding site. By Sunday, the page for "anonabox: A Tor hardware router" carried an extra word "(Suspended)" in parentheses with a banner below ...

User comments : 0