A Vision for Human-Centered Cybersecurity

M. Wright
Rochester Institute of Technology, New York, United States

Keywords: cybersecurity, human-centered, interdisciplinary

While most research attention in cybersecurity is on technology, from cryptography on chips to using machine learning to detect attacks, many security problems in practice are due to people, such as a user opening a malicious email attachment. Understanding and designing for the human beings using, administering, and even attacking our systems is the key to making them more secure, not just on paper but in practice. In this poster presentation, I will discuss some of the research efforts at RIT in human-centered cybersecurity, including new password technologies, measuring the effectiveness of two-factor authentication, understanding the source of security bugs, and modeling attackers. This research forms the core of RIT's new Center for Cybersecurity, housed in the Golisano College of Computing and Information Sciences.