Cybersecurity

Database Audit Workload Prioritization via Game Theory

The quantity of personal data that is collected, stored, and subsequently processed continues to grow rapidly. Given its sensitivity, ensuring privacy protections has become a necessary component of database management. To enhance protection, a …

Cyber-Physical Simulation Platform for Security Assessment of the Transactive Energy Systems

Transactive energy systems (TES) are emerging as a transformative solution for the problems that distribution system operators face due to an increase in the use of distributed energy resources and rapid growth in scalability of managing active …

Efficient and Scalable Bug-Bounty Programs

Many organizations and companies have recently chosen to use so-called bug-bounty programs (also known as vulnerability reward programs), which allow outside security experts to evaluate the security of an organization’s products and services and to report security vulnerabilities in exchange for rewards. Bug-bounty programs provide unique benefits by allowing organizations to publicly signal their commitment to security and to harness the diverse expertise of thousands of security experts in an affordable way. Despite their rapidly growing popularity, bug-bounty programs are not well understood and can be mismanaged. As a result, bug-bounty programs can waste substantial resources, and they rarely live up to their potential to improve cybersecurity. This project will significantly improve the efficiency of bug-bounty programs by collecting and publishing comprehensive datasets on the bug-bounty ecosystem, by establishing a sound theory of bug-bounty programs, and by providing practical recommendations for organizations and regulators. The project will directly benefit organizations and companies by enabling them to manage bug-bounty programs more efficiently, which will allow them to eliminate security vulnerabilities at a lower cost; and it will also benefit users by improving the security of software products and services.

VeriSolid: Correct-by-Design Smart Contracts for Ethereum

The adoption of blockchain-based distributed ledgers is growing fast due to their ability to provide reliability, integrity, and auditability without trusted entities. One of the key capabilities of these emerging platforms is the ability to create …

Towards High-Resolution Multi-Stage Security Games

In recent years, we have seen a large number of cyber-incidents, which demonstrated how difficult it is to prevent cyber-breaches when facing determined and sophisticated attackers. In light of this, it is clear that defenders need to look beyond the …

Improving Network Connectivity and Robustness Using Trusted Nodes with Application to Resilient Consensus

To observe and control a networked system, especially in failure-prone circumstances, it is imperative that the underlying network structure is robust against node or link failures. A common approach for increasing network robustness is redundancy: …

TRANSAX: A Blockchain-based Decentralized Forward-Trading Energy Exchange for Transactive Microgrids

Power grids are undergoing major changes due to rapid growth in renewable energy and improvements in battery technology. Prompted by the increasing complexity of power systems, decentralized IoT solutions are emerging, which arrange local communities …

On the Assessment of Systematic Risk in Networked Systems

In a networked system, the risk of security compromises depends not only on each node’s security, but also on the topological structure formed by the connected individuals, businesses, and computer systems. Research in network security has been …

Cyber-Insurance as a Signaling Game: Self-Reporting and External Security Audits

An insurer has to know the risks faced by a potential client to accurately determine an insurance premium offer. However, while the potential client might have a good understanding of its own security practices, it may also have an incentive not to …

Synergistic Security for the Industrial Internet of Things: Integrating Redundancy, Diversity, and Hardening

As the Industrial Internet of Things (IIoT) becomes more prevalent in critical application domains, ensuring security and resilience in the face of cyber-attacks is becoming an issue of paramount importance. Cyber-attacks against critical …