Understanding the social side of cyber-security issues

Understanding the social side of cyber-security issues
Associate professor Engin Kirda's research involves studying Web security and creating better virus-protection techniques. Photo by Michael Mazzanti.

When Engin Kirda started focusing on cyber-security research 10 years ago, those primarily responsible for launching Internet attacks were teenagers out for kicks, he said. But the scope of threats existing through the Web has dramatically changed since then.

Now breaches are often financially motivated and highly organized — which presents intriguing challenges for the new associate professor with joint appointments in Northeastern’s College of Computer and Information Science and Department of Electrical and Computer Engineering.

“We’ve seen a shift from attacks for fun to attacks for profit,” said Kirda, who joined the faculty in January. “That’s why it’s fascinating for me to see how these bad guys are operating, and to try to come up with solutions to combat them.”

Kirda studies Internet security issues and how to discover vulnerabilities in websites and Internet applications to create more secure applications. He is also working on creating better virus-detection techniques. He previously taught at research institutions in Vienna and Sophia Antipolis, France, and he is the cofounder and codirector of the International Secure Systems Lab — a collaborative effort of European and U.S. researchers focused on analyzing and designing tools for computer security.

Kirda plans to take a closer look at why some users’ computers get infected with malware, a software designed to harm or secretly access a computer system, and how well those people are able to identify cyber attacks. As part of this project, users would be given online tests to determine the scope of their understanding of cyber threats.

“One thing I have learned over the years is that security problems are not only technical problems. There is a very social aspect to all these issues,” he says. “For example, someone can come up with technical solutions, but they might still fail because we don’t exactly understand how well users are actually able to accept these technical solutions.”

Kirda was drawn to Northeastern in part because of the new Information Assurance doctoral program, and he hopes to explore interdisciplinary collaborations here to develop more robust systems and better solutions.

He says one small virus released in a network or system, for a bank or nuclear reactor, can cause major damage. Given the number of people and companies depending on Internet reliability and security on a daily basis, he is excited to work in an ever-evolving field of significant societal importance.

“The problems are very real,” Kirda says, “so there is an opportunity to make quite a large impact.”


Explore further

ND Expert: WikiLeaks points out danger of insider threats to information security

Citation: Understanding the social side of cyber-security issues (2011, May 4) retrieved 23 November 2020 from https://phys.org/news/2011-05-social-side-cyber-security-issues.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
0 shares

Feedback to editors

User comments