Social Cybersecurity: Reshaping Security Through An Empirical Understanding of Human Social Behavior
Entering an era of pervasive, connected smart things, our cybersecurity decisions increasingly interfere with our social lives. Yet, little is known of the complex social consequences of our security behaviors, and vice versa. Absent this knowledge, it is difficult to develop better, more socially intelligent security systems that are intuitive for the layperson. My work on social cybersecurity bridges this gap. First, I will highlight some data science work on how social factors affect security behaviors through two empirical analyses: (i) an exploratory analysis of how optional-use security tools diffused through the social networks of 1.5 million Facebook users and (ii) a randomized, controlled experiment with 50,000 people. I will then discuss Thumprint, an inclusive authentication system I created based on the results of the prior empirical analyses. Using techniques from both supervised and unsupervised machine learning, Thumprint authenticates and identifies individual members of small, local groups (e.g., families or small work teams) through the acoustic and acceleration profiles of a single, shared secret knock. Taken together, my work points towards a future of socially intelligent security systems that understand and accommodate basic human behaviors, desires and capabilities.
Sauvik Das is a Ph.D. candidate at Carnegie Mellon University’s School of Computer Science. His research, which intersects HCI, data science and cybersecurity, aims to empower people with novel security systems that mitigate costs of time, effort and social capital. His work has won three best paper or honorable mention awards at premier venues (UbiComp 2013, CHI 2016 and 2017) as well as an honorable mention for the NSA’s Best Scientific Cybersecurity Paper Award in 2014. His work has also been covered by the popular press, including features on the Financial Times, Slate, Ars Technica, and The Atlantic. In addition, he is a NDSEG fellow, a Qualcomm Innovation Fellow, a Stu Card Graduate Fellow, and a NSF EAPSI Fellow. Prior to CMU, Sauvik earned a bachelor’s in computer science at Georgia Tech.