San Diego, Sept. 25, 2012 -- Computer scientists at the University of California, San Diego, the International Computer Science Institute at Berkeley and George Mason University have received a $10 million, five-year grant from the National Science Foundation to map out the illicit activities taking place in the cybersecurity underworld and to understand how the mind of a cybercriminal works.
Savage and several other researchers on the project are also affiliated with Calit2 at UC San Diego. They include Computer Science and Engineering professors Geoffrey Voelker and Alex Snoeren, as well as political science professor James Fowler.
Among their goals, the researchers will investigate how criminals make money, their economic and social relationships, and the various ways they interact with victims and defenders to achieve their goals. The researchers hope that by better understanding these dynamics, they will be able to identify the best opportunities for interventions and defenses against cybercrime.
Economics come to the forefront in understanding how the world of modern cybercrime works, including the motives behind the vast majority of Internet attacks, and the elaborate marketplaces that support them. Social interactions are key to understanding how venues such as Facebook and Twitter present new opportunities for attacks and manipulation, and to understanding the relationships among cybercriminals, who heavily rely upon one another for services and know-how.
Savage will work with six other UC San Diego researchers, including social scientist James Fowler, best known for his work on social contagion. The basic idea for this project is that technological security depends on the human factor, Fowler said. “I love that engineers and computer scientists are acknowledging that security depends as much on human behavior as it does on technology,” he said. “I look forward to working with them to help tackle these problems.”
This effort is an extension of an ongoing collaboration in cybersecurity that the Berkeley and San Diego teams have built by working together for over a decade. In just the last year, Paxson and Savage’s team made headlines for a study that charted the complete “value chain” for email spam – the technical and economic relationships involved in making spam profitable. Researchers also identified which links in the value chain were the most vulnerable. By carefully tracking payment information across an array of test purchases, they showed that just three banks handled payments for 95 percent of spam-advertised products. This finding, what the researchers call a “choke point,” suggested that targeting the economics of spam could ultimately be more effective than only addressing its technical symptoms. Today, this approach is being tested through collaborations between financial institutions, brand holders and government agencies.
The NSF grant will fund this kind of interdisciplinary work, but with greater breadth and scale. Researchers will focus on four key areas:
The other researchers from the Jacobs School of Engineering involved on the grant are computer science professors Geoffrey Voelker, Lawrence Saul and Alex Snoeren from the Department of Computer Science and Engineering, as well as research scientists Kirill Levchenko and Erin Kenneally, a cyberforensics specialist at the Center for Advanced Computational Science Engineering.
The ICSI researchers led by Vern Paxson are Mark Allman, Chris Grier, Chris Hoofnagle, Dan Klein, Christian Kreibich, Deirdre Mulligan and Nicholas Weaver.
Ioana Patringenaru, 858-822-0899, firstname.lastname@example.org