Universita Degli Studi Di Trento

ESRs

Topic:
Attack vectors & cyber-threats
Research Work

My research focuses on the risk posed by "human behavior" while users use security mechanisms. I am investigating authentication methods where the final decision is based on risk metrics and adjustable levels of confidence. Hence, I am actually designing and testing new behavioral authentication methods that aim at lowering potential security risks due to human behavior while the user uses them.

Studies in the field of cyber attacks have found humans to be the weakest link in most attacks for getting access to critical systems. As a use case, I am studying the specific mechanism of user authentication securing access to a system where a human is involved as an operator.

Existing authentication methods based on "something you know" and "something you have" are inherently binary (the level of confidence about the authenticity of the user must be 100% for the system to accept it). In particular, I am focusing on behavioral biometrics because they are comparatively newer, user-friendly, and potentially well suited for new environments and contexts such as IoT devices and critical infrastructures. In addition, the overall risk computation on which the authentication decision is taken inherently asserts user behavior.

Also, I will focus on the task of applying a threat model to the new authentication systems and making them resilient against possible vulnerabilities and cyber-threats, specifically those due to human factors.

Topic:
Risk metrics for vulnerabilities
Research Work

Consider a scenario in which a network administrator is analyzing a particular vulnerability in the company's network environment. In this environment we have two levels of switches: edge switches connected to a core switch that is the output to the internet. The edge switches would be interconnecting the various hosts of the edge switch (servers, computers, etc.) and would have separate network traffic in sub-nets.
The network administrator could use the scores provided by CVSS to analyze the vulnerability found. The vulnerability detected in a particular node of the network using the environmental metrics should be analyzed in another determined node of the network, following all the necessary procedures so that the obtained result is the best possible for correction and repair of the problem.
In this small scenario we have already identified that the administrator will repeat the analysis of the same vulnerability in several locations, that the result will depend on the administrator's expertise, and that it will take a long time to complete. For most companies that need a professional qualified to perform this service, that is, with network environments often larger than the one we exemplify, this activity of the administrator becomes very difficult, prone to human failure and financially very costly.
Thus, we see a currently existing gap for a solution that tries to help the network administrator with the vulnerability analysis activity, using the environmental metrics in an automated way, where an application would help in analyzing, correcting and repairing the problem in a quicker, more secure and financially less expensive way.
Our research proposal is to seek a solution to automate the analysis and solution activity performed by the administrator in relation to environmental metrics, thus reducing the effective costs related to this activity.
