Skip to Main content Skip to Navigation
Theses

Data-driven risk quantification for proactive security

Abstract : The feasibility and efficacy of proactive measures depend upon a cascading of challenges: how can one quantify the cyber risks of a given entity, what reliable indicators can be used to predict them, and from which data sources can they be extracted? In this thesis, we enumerate active challenges that practitioners and researchers face when attempting to quantify cyber-risks and contextualise them in the emerging domain of cyber insurance, and propose several research directions. We then explore some of these areas, evaluate the incidence that different security measures and security postures have on malware-infection risks and assess the goodness of nine host- extracted indicators when investigating the systematic nature of those risks. We finally provide evidence about the importance that data-source selection together with a holistic approach have on risk measurements. We look at web-tracking and demonstrate how underestimated privacy risks are when excluding the users' perspective.
Document type :
Theses
Complete list of metadata

https://tel.archives-ouvertes.fr/tel-03576863
Contributor : ABES STAR :  Contact
Submitted on : Wednesday, February 16, 2022 - 12:42:07 PM
Last modification on : Friday, February 18, 2022 - 10:16:34 AM
Long-term archiving on: : Tuesday, May 17, 2022 - 6:36:15 PM

File

DAMBRA_Savino_these_2021.pdf
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-03576863, version 1

Citation

Savino Dambra. Data-driven risk quantification for proactive security. Cryptography and Security [cs.CR]. Sorbonne Université, 2021. English. ⟨NNT : 2021SORUS356⟩. ⟨tel-03576863⟩

Share

Metrics

Record views

65

Files downloads

33