Towards better management of organizational cybersecurity

dc.contributor.advisorWhinston, Andrew B.
dc.contributor.committeeMemberNovak, Gordon S
dc.contributor.committeeMemberLee, Gene Moo
dc.contributor.committeeMemberMiikkulainen, Risto
dc.creatorChoi, Yun-Sik
dc.date.accessioned2024-05-22T01:55:26Z
dc.date.available2024-05-22T01:55:26Z
dc.date.issued2019-05
dc.date.submittedMay 2019
dc.date.updated2024-05-22T01:55:27Z
dc.description.abstractCybersecurity poses a serious risk to organizations. To manage and improve organizational cybersecurity, one needs to have a technical comprehension of security threats along with an economic understanding of strategies employed by cyber attackers and defenders. In this dissertation, we take both empirical and theoretical approaches to deepen our understanding on the strategies of cybersecurity in three related chapters. First, we conduct an empirical analysis on publicly observed security incidents and developed an organizational security rating system. The rating is composed of botnet, spam, and phishing data from four data sources. By conducting a large-scale field experiment using the rating system, we find a causal relationship between security awareness and protection level. Second, we develop a game-theoretical model that characterizes a real-time dynamic interaction between an unidentified attacker and a defender in Internet Service Provider (ISP) level. Specifically, we propose a Bayesian Nash game in a network security setting. In this game, a deceptive attacker tries to maximize its profit, and the defender tries to detect the attacker’s identity. Our equilibrium suggests that the strategic defense of ISP is necessary for the viability of an Internet-based society. Third, we develop a data-driven prediction model for security event detection. We construct a large composite dataset of externally observable organizational security posture and historical cyber incidents. In addition, we use LDA topic modeling on disclosed annual risk reports from organizations (Form 10-K Item 1A) to extract topic features. By leveraging these data, our model effectively predicts future security incidents.
dc.description.departmentComputer Science
dc.format.mimetypeapplication/pdf
dc.identifier.uri
dc.identifier.urihttps://hdl.handle.net/2152/125377
dc.identifier.urihttps://doi.org/10.26153/tsw/51968
dc.language.isoen
dc.subjectCybersecurity
dc.subjectDeep learning
dc.subjectMachine learning
dc.subjectRandomized field experiment
dc.subjectGame theory
dc.titleTowards better management of organizational cybersecurity
dc.typeThesis
dc.type.materialtext
local.embargo.lift2020-05-01
local.embargo.terms2020-05-01
thesis.degree.departmentComputer Sciences
thesis.degree.grantorThe University of Texas at Austin
thesis.degree.nameDoctor of Philosophy

Access full-text files

Original bundle

Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
CHOI-PRIMARY-2024-1.pdf
Size:
800.91 KB
Format:
Adobe Portable Document Format

License bundle

Now showing 1 - 2 of 2
No Thumbnail Available
Name:
LICENSE.txt
Size:
1.84 KB
Format:
Plain Text
Description:
No Thumbnail Available
Name:
PROQUEST_LICENSE.txt
Size:
4.45 KB
Format:
Plain Text
Description: