search menu icon-carat-right cmu-wordmark

Subject: Human-Machine Interactions

Situational Awareness for Cybersecurity: An Introduction

Situational Awareness for Cybersecurity: An Introduction

• SEI Blog
Angela Horneman

Situational awareness (SA) helps decision makers throughout an organization have the information and understanding available to make good decisions in the course of their work. It can be focused specifically on helping people and organizations protect their assets in the cyber realm or it can be more far reaching. SA makes it possible to get relevant information from across an organization, to integrate that information, and to disseminate it to help people make better decisions....

Read More
Best Practices in Network Traffic Analysis: Three Perspectives

Best Practices in Network Traffic Analysis: Three Perspectives

• SEI Blog
Angela Horneman

This post is also authored by Tim Shimeall and Timur Snoke. In July of this year, a major overseas shipping company had its U.S. operations disrupted by a ransomware attack, one of the latest attacks to disrupt the daily operation of a major, multi-national organization. Computer networks are complex, often tightly coupled systems; operators of such systems need to maintain awareness of the system status or disruptions will occur. In today's operational climate, threats and...

Read More
Obsidian: A New, More Secure Programming Language for Blockchain

Obsidian: A New, More Secure Programming Language for Blockchain

• SEI Blog
Eliezer Kanal

Billions of dollars in venture capital, industry investments, and government investments are going into the technology known as blockchain. It is being investigated in domains as diverse as finance, healthcare, defense, and communications. As blockchain technology has become more popular, programming-language security issues have emerged that pose a risk to the adoption of cryptocurrencies and other blockchain applications. In this post, I describe a new programming language, Obsidian, which we at the SEI are developing...

Read More
Best Practices for Cloud Security

Best Practices for Cloud Security

• SEI Blog
Donald Faatz

As detailed in last week's post, SEI researchers recently identified a collection of vulnerabilities and risks faced by organizations moving data and applications to the cloud. In this blog post, we outline best practices that organizations should use to address the vulnerabilities and risks in moving applications and data to cloud services. These practices are geared toward small and medium-sized organizations; however, all organizations, independent of size, can use these practices to improve the security...

Read More
Revealing True Emotions Through Micro-Expressions: A Machine Learning Approach

Revealing True Emotions Through Micro-Expressions: A Machine Learning Approach

• SEI Blog
Satya Venneti

Micro-expressions--involuntary, fleeting facial movements that reveal true emotions--hold valuable information for scenarios ranging from security interviews and interrogations to media analysis. They occur on various regions of the face, last only a fraction of a second, and are universal across cultures. In contrast to macro-expressions like big smiles and frowns, micro-expressions are extremely subtle and nearly impossible to suppress or fake. Because micro-expressions can reveal emotions people may be trying to hide, recognizing micro-expressions can...

Read More
Machine Learning and Insider Threat

Machine Learning and Insider Threat

• SEI Blog
Daniel Costa

As organizations' critical assets have become digitized and access to information has increased, the nature and severity of threats has changed. Organizations' own personnel--insiders--now have greater ability than ever before to misuse their access to critical organizational assets. Insiders know where critical assets are, what is important, and what is valuable. Their organizations have given them authorized access to these assets and the means to compromise the confidentiality, availability, or integrity of data. As organizations...

Read More
Real-Time Extraction of Biometric Data from Video

Real-Time Extraction of Biometric Data from Video

• SEI Blog
Satya Venneti

The Department of Defense is increasingly relying on biometric data, such as iris scans, gait recognition, and heart-rate monitoring to protect against both cyber and physical attacks. "Military planners, like their civilian infrastructure and homeland security counterparts, use video-linked 'behavioral recognition analytics,' leveraging base protection and counter-IED operations," according to an article in Defense Systems. Current state-of-the-art approaches do not make it possible to gather biometric data in real-world settings, such as border and airport...

Read More
What Is Bitcoin? What Is Blockchain?

What Is Bitcoin? What Is Blockchain?

• SEI Blog
Eliezer Kanal

Blockchain technology was conceived a little over ten years ago. In that short time, it went from being the foundation for a relatively unknown alternative currency to being the "next big thing" in computing, with industries from banking to insurance to defense to government investing billions of dollars in blockchain research and development. This blog post, the first of two posts about the SEI's exploration of DoD applications for blockchain, provides an introduction to this...

Read More
Machine Learning in Cybersecurity

Machine Learning in Cybersecurity

• SEI Blog
Eliezer Kanal

The year 2016 witnessed advancements in artificial intelligence in self-driving cars, language translation, and big data. That same time period, however, also witnessed the rise of ransomware, botnets, and attack vectors as popular forms of malware attack, with cybercriminals continually expanding their methods of attack (e.g., attached scripts to phishing emails and randomization), according to Malware Byte's State of Malware report. To complement the skills and capacities of human analysts, organizations are turning to machine...

Read More
Three Practice Areas for Using Positive Incentives to Reduce Insider Threat

Three Practice Areas for Using Positive Incentives to Reduce Insider Threat

• SEI Blog
Andrew Moore

In the 2016 Cyber Security Intelligence Index, IBM found that 60 percent of all cyber attacks were carried out by insiders. One reason that insider threat remains so problematic is that organizations typically respond to these threats with negative technical incentives, such as practices that monitor employee behavior, detect and punish misbehavior, and otherwise try to force employees to act in the best interest of the organization. In contrast, this blog post highlights results from...

Read More