allfeeds.ai

 

CERIAS Weekly Security Seminar - Purdue University  

CERIAS Weekly Security Seminar - Purdue University

The weekly CERIAS security seminar has been held every semester since spring of 1992. We invite personnel at Purdue and visitors from outside to present on topics of particular interest to them in the areas of computer and network security, computer crime

Author: CERIAS

CERIAS -- the Nation's top-ranked interdisciplinary academic education and research institute -- hosts a weekly cyber security, privacy, resiliency or autonomy speaker, highlighting technical discovery, a case studies or exploring cyber operational approaches; they are not product demonstrations, service sales pitches, or company recruitment presentations. Join us weekly...or explore 25 years of archives for the who's-who in cybersecurity.
Be a guest on this podcast

Language: en-us

Genres: Courses, Education, Technology

Contact email: Get it

Feed URL: Get it

iTunes ID: Get it


Get all podcast data

Listen Now...

Pragathi Jha, Modeling Cyber Adversaries: A Critical Survey of Methods and Assumptions
Episode 917
Wednesday, 29 April, 2026

Cybersecurity practitioners face a persistent methodological problem: how should we reason about intelligent adversaries who observe our defenses, adapt their tactics, and choose targets based on our vulnerabilities? The field has responded with a fragmented toolkit. Quantitative risk assessment borrowed from safety engineering treats threat, vulnerability, and consequence as independent terms. Threat modeling frameworks such as STRIDE and attack trees emphasize structure but rarely quantify uncertainty. Game-theoretic models assume rationality and common knowledge that real attackers do not exhibit. Qualitative heat maps compress uncertainty into colored cells that cannot support budget optimization.This talk surveys these approaches critically, examining what each method commits you to and what it quietly sets aside. A common thread emerges: the alternatives can be understood as approximations to a Bayesian decision-theoretic ideal, each relaxing one or more assumptions for tractability. Modeling an adversary requires addressing four dimensions of uncertainty (what they want, what they know, what they can do, and how they decide) and the standard critiques of probabilistic cyber risk analysis (information asymmetry, correlated inputs, adaptation, the absence of objective base rates) turn out to be errors of naive practice rather than indictments of the methodology itself. Threat intelligence feeds, indicator matches, and shifts in attacker tradecraft fit naturally as Bayesian updates rather than as awkward inputs to frequentist frameworks. The survey closes not with a prescription but with a diagnostic question for practitioners and researchers alike: are the assumptions embedded in your chosen method appropriate for the decision you are trying to support? About the speaker: Pragathi Jha is a doctoral researcher in Industrial Engineering at Purdue University, where her work focuses on optimization, stochastic modeling, and game-theoretic approaches to decision-making under uncertainty. Her research lies at the intersection of operations research, applied probability, and strategic interaction, with an emphasis on developing rigorous mathematical frameworks for complex, adversarial systems.Her academic interests include multi-stage stochastic optimization, game theory, and the modeling of strategic behavior in dynamic environments. In the context of cybersecurity, she is particularly interested in adversarial decision-making, risk-aware resource allocation, and the design of resilient systems that account for uncertainty and strategic threats. Her work aims to bridge theoretical advances in optimization and game theory with practical applications in security, infrastructure protection, and data-driven decision support.Pragathi brings a strong foundation in quantitative methods and is committed to advancing research that is both mathematically rigorous and operationally impactful. Through her work, she seeks to contribute to the development of robust, scalable frameworks for analyzing and mitigating risks in complex, high-stakes environments.

 

We also recommend:


HD Brief
Hd Brief

Channel Android - ChannelAndroid Podcast High Res
ChannelAndroid

The Tab Cast
Zachary Sharpe

DevOps.com
DevOps.com



The ButtDial
The ButtDial

The Current Status
Hosted by @ExchangeGoddess, @24x7ITconnect, @vmiss33

AutoComplete (video)
Roadshow by CNET

GTC 2016
Bob Yen

Off Topic
ChomPics Audio

Home Assistant Podcast
Mostly Automated Media

INTERVAL
INTERVAL