Project Title: Theoretical and Experimental Framework for Estimating Cyber Victimization Risk in a Hybrid Physical-Virtual World
PI Name: Xinyue Ye (Urban Planning & Geography & Multidisciplinary Engineering)
Team Members: Nitesh Saxena (Computer Science & Engineering), Shih-Lung Shaw (Geography), Ling Wu (Criminal Justice)
Funding Amount: $10,000
Short Project Description:
The proposed research will develop a theoretical framework to integrate victims’ physical and virtual routine activities using the metaphor of space-time path to explain their cyber victimization risk in today’s hybrid world. Better situational crime prevention techniques can be designed if we can understand how phishing opportunities are shaped by people’s routine activities in both physical and virtual spaces. The proposed research will transform routine activities theory (RAT) from the pure physical (or virtual) space into the hybrid space version. The existence of virtual space enhances connections among people through electronic linkages and allows people to exchange information even while they occupy different physical locations. The existing Social, Behavioral, and Economic Sciences (SBE) research has generated valuable information on risk, consequences, dynamics, and prevention of certain types of cyber-offending and victimization. However, though there exists an extensive literature in Computer and Information Science and Engineering (CISE) investigating user susceptibility to different kinds of cybersecurity threats such as phishing, while limited number of victimization research has been conducted in the SBE field because of the knowledge gap between computer scientists and social scientists. In addition, existing victimization studies in SBE are virtual space-focused, and no study has examined the effect of hybrid space (human action and interaction under the joint effects of physical and virtual spaces) on cyber-victimization. Based on the theoretical framework, we plan to use a mixed method of experimental design followed by a survey of virtual and physical activities of the subjects included in the experimental design, which will be submitted to NSF Secure and Trustworthy Cyberspace (SaTC).
Project Title: Secure and Sustainable Energy for Blockchain
PI Name: Le Xie (Electrical & Computer Engineering)
Team Members: Chao Tian (Electrical & Computer Engineering), Prasad Enjeti (Electrical & Computer Engineering), Korok Ray (Mays Business School)
Funding Amount: $10,000
Short Project Description:
This team plans to utilize this seed grant to develop larger-scale research activities and research proposals in the area of blockchain and energy, with a focus on cyber security and environmental sustainability. Blockchain-based cryptocurrencies and technologies are disrupting modern finance, economics, and contract-based mechanisms. The built-in proof-of-work requirement in many such cryptocurrencies, predominantly found in Bitcoin, entails significant computation in order to maintain consensus and verify transactions. Miners, driven by the associated rewards, nowadays utilize large scale computer farms for this purpose, and such farms consume an enormous amount of energy, even more than entire residential neighborhoods. To enable large scale adoption of such technologies, serious considerations need to first be made regarding their energy consumption patterns and impact on the physical and cyber security of existing infrastructures. Blockchain-based cryptocurrencies and technologies are disrupting modern finance, economics, and contract-based mechanisms. The built-in proof-of-work requirement in many such cryptocurrencies, predominantly found in Bitcoin, entails significant computation in order to maintain consensus and verify transactions. Miners, driven by the associated rewards, nowadays utilize large scale computer farms for this purpose, and such farms consume an enormous amount of energy, even more than entire residential neighborhoods. To enable large scale adoption of such technologies, serious considerations need to first be made regarding their energy consumption patterns and impact on the physical and cyber security of existing infrastructures.
Project Title: Developing an Economic Impact Assessment Tool for Cyber-Attacks in Business Systems (EITCB)
PI Name: Mawuli Afenyo (Department of Maritime Business Administration)
Team Members: Caesar Livingston (Department of Maritime Business Administration)
Funding Amount: $10,000
Short Project Description:
Potential cyber breaches for business systems present unique challenges in terms of mitigation and response. Cyber-attacks are among the most anticipated activities likely to increase over the coming years in business systems. According to the Centre for Strategic and International Studies (CSIS) since 2016, the world has been losing approximately 2% of its GDP to cyber-attacks. Should a cyber-attack occur, the impacts need to be evaluated rapidly, which requires a dynamic and interactive tool that could be easily updated and modified in response to advancing knowledge and the evolving character of the threats. Such a tool would be very useful for governments for planning purposes, evaluating the cost of response measures, cost of recovering to the original state of the systems and for setting insurance premiums for such. A multi-period economic impact assessment tool for cyber-attacks in business systems (EITCB) will be developed to address the importance of spatially explicit and scenario-specific cyber risk assessment in business systems.
The major aims of this research include:
Understanding the factors affecting the economic impacts of cyber-attacks in business systems.
Developing an EITCB that evaluates the opportunity cost of implementing available response techniques for cyber security management. The tool would use a probabilistic-based theory to address uncertainties.
Developing transferable methodological tools, guidelines, and frameworks to support decision-making.
The EITCB will be developed in partnership with stakeholders to better assess impact factors associated with cyber related attacks, while also reflecting the governance regime for cybersecurity management.