CMU-ISR-15-102
Institute for Software Research
School of Computer Science, Carnegie Mellon University



CMU-ISR-15-102

Assessing the Global Cyber and Biological Threat

Ghita Mezzour

April 2015

Ph.D. Thesis (COS)

Joint Thesis:
Department of Electrical and Computer Engineering
and Institute for Software Research

Currently Unavailable


Keywords: Cyber security, Science of security, Computers and Society, Public Policy Issues, Abuse and Crime Involving Computers, Global Cyber Security, Cyber Weapons, Cyber Warfare, Cyber Capabilities, Biological Weapons, Bioweapons, Bio Capabilities, Socio-cultural model, Friedkin model, Empirical analysis

In today's inter-connected world, threats from anywhere in the world can have serious global repercussions. In particular, two types of threats have a global impact: 1) cyber crime and 2) cyber and biological weapons. If a country's environment is conducive to cyber criminal activities, cyber criminals will use that country as a basis to attack end-users around the world. Cyber weapons and biological weapons can now allow a small actor to inflict major damage on a major military power. If cyber and biological weapons are used in combination, the damage can be amplified significantly.

Given that the cyber and biological threat is global, it is important to identify countries that pose the greatest threat and design action plans to reduce the threat from these countries. However, prior work on cyber crime lacks empirical substantiation for reasons why some countries' environments are conducive to cyber crime. Prior work on cyber and biological weapon capabilities mainly consists of case studies which only focus on select countries and thus are not generalizeable. To sum up, assessing the global cyber and biological threat currently lacks a systematic empirical approach.

In this thesis, I take an empirical and systematic approach towards assessing theglobal cyber and biological threat. The first part of the thesis focuses on cyber crime. I examine international variation in cyber crime infrastructure hosting and cyber crime exposure. I also empirically test hypotheses about factors behind such variation. In that work, I use Symantec's telemetry data, collected from 10 million Symantec customer computers worldwide and accessed through the Symantec's Worldwide Intelligence Network Environment (WINE). I find that addressing corruption in Eastern Europe or computer piracy in Sub-Saharan Africa has the potential to reduce the global cyber crime.

The second part of the thesis focuses on cyber and biological weapon capabilities. I develop two computational methodologies: one to assess countries' biological capabilities and one to assess countries' cyber capabilities. The methodologies examine all countries in the world and can be used by non-experts that only have access to publicly available data. I validate the biological weapon assessment methodology by comparing the methodology's assessment to historical data. This work has the potential to proactively reduce the global cyber and biological weapon threat.

109 pages

Thesis Committee:
L. Richard Carley (Co-Chair)
Kathleen M. Carley (Co-Chair)
Nicolas Christin
Mathew Elder (Symantec Research Labs)

William Scherlis, Director, Institute for Software Research
Andrew W. Moore, Dean, School of Computer Science


Return to: SCS Technical Report Collection
School of Computer Science

This page maintained by reports@cs.cmu.edu