Loading [MathJax]/jax/input/TeX/config.js

The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Measuring Data Protection: A Causal Artificial Intelligence Modeling Approach

Download

Download PDF Document
PDF

Author

Robert Morton

Tech report number

CERIAS TR 2024-7

Entry type

phdthesis

Abstract

The research delves into the intricate challenge of quantifying data protection, a concept that has evolved from ancient ethical codes to the complex landscape of modern cybersecurity. The research underscores the pressing need for a scientific approach to cybersecurity, emphasizing the importance of measurable security properties and a robust theoretical foundation. It highlights the historical evolution of confidentiality, tracing its roots from ancient civilizations to the contemporary digital era, where the proliferation of technology has amplified both the important ortance and complexity of safeguarding sensitive information. The research identifies key challenges in measuring data protection, including the dynamic nature of threats, the gap between theoretical models and real-world implementations, and the difficulty of accurately modeling risks. It also explores societal challenges related to data protection, such as data breaches, surveillance, social media privacy erosion, and the lack of adequate regulations and enforcement. The core of the research lies in developing a causal model that examines the interplay of security controls, vulnerabilities,and threats, providing a deeper understanding of the factors influencing data exposure. The model is built upon a comprehensive literature review, synthesizing key findings and establishing a taxonomy of security protections. The research outlines a structured approach to building and utilizing causality models, incorporating essential elements such as identifying key variables, visualizing causal relationships using Directed (A)cyclic Graphs (DAGs), and determining appropriate research methodologies. The model is rigorously validated through various techniques, including assessing model fit, examining confounding factors. The research also explores a general set of experiments for both interventions and counterfactual studies. The research concludes by highlighting potential future research directions, particularly emphasizing the need for standardized data protection metrics and the development of adaptive security systems. It underscores the importance of consistent measurements that enable organizations to compare their security performance effectively and adapt to the evolving threat landscape. The development of adaptive security systems, capable of dynamically modifying defense mechanisms in response to new threats, is also identified as a crucial research avenue. The research's contribution lies in providing a systematic approach to studying data protection, from problem identification to model development, validation, and future directions, ultimately aiming to enhance the protection of sensitive information.

Download

PDF

Date

2024 – 12 – 5

Institution

U.S. Intelligence Community & National Science Foundation

Key alpha

Morton

School

Purdue University

Affiliation

Robert Morton & Google

Publication Date

2024-12-05

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.