Sauvik Das - Social Cybersecurity

Entering an era of pervasive, connected smart things, our cybersecurity decisions increasingly interfere with our social lives. Yet, little is known of the complex social consequences of our security behaviors, and vice versa. Absent this knowledge, it is difficult to develop better, more socially intelligent security systems that are intuitive for the layperson. My work on social cybersecurity bridges this gap. First, I will highlight some data science work on how social factors affect security behaviors through two empirical analyses: (i) an exploratory analysis of how optional-use security tools diffused through the social networks of 1.5 million Facebook users and (ii) a randomized, controlled experiment with 50,000 people. I will then discuss Thumprint, an inclusive authentication system I created based on the results of the prior empirical analyses. Using techniques from both supervised and unsupervised machine learning, Thumprint authenticates and identifies individual members of small, local groups (e.g., families or small work teams) through the acoustic and acceleration profiles of a single, shared secret knock. Taken together, my work points towards a future of socially intelligent security systems that understand and accommodate basic human behaviors, desires, and capabilities.