The research in our laboratory focuses on addressing the following three key research areas and their interconnections: Cybersecurity, Social-Engineering, and User-authentication.
OverviewCybersecurity threats and vulnerabilities are causing substantial financial losses for individuals, organizations, and government agencies all over the world. Such cybersecurity landscape can be classified under three major pillars: (a) technology/system, (b) human-computer, and (c) socio-political-organizational (See Figure 1). One of the weakest links in the cybersecurity chain has to do with the individuals who are using and protecting such systems. The focus of our Levy CyLab research group is to work on diverse projects related to the human-centric lens (also known as "Human Factor in Cybersecurity") of all three cybersecurity landscape pillars. In the technology/systems pillar, user-authentication has long been a challenge due to the overuse of passwords and ease at which they can be guessed or cracked along with increase password entropy that impact employee productivity. In the human-computer pillar, employees’ mistakes, falling to social engineering and phishing attacks due to low cybersecurity awareness, knowledge, competencies, skills, and what is known by the 2002 Nobel Prize Laureate, Princeton University's Professor Daniel Kahneman as “System 1” thinking (or what we call “oh shoot syndrome”) represent the majority of cybersecurity threats to organizations. Moreover, non-IT employees have low awareness of the magnitude of cybersecurity threats and their impact on organizations, government, and society. On the other hand, increasing complexity for computer systems due to demands for heightened security can cause frustration, resistance, and lower productivity. In the socio-political-organizational pillar, identity theft, social engineering, phishing, and insider threats are on the rise, which pose eminent threats to the reputation as well as financial stability of individuals, organizations, governments, and societies. Our research focuses on all three cybersecurity pillars by: (a) development of novel approaches to improve user-authentication including their role in reducing organizational cyber risk; (b) development of innovative tools to measure cybersecurity skills and reduction of human errors related to cybersecurity; as well as (c) development of state-of-the-art tools to identify insider-threats, programs to help mitigation of social engineering, phishing attacks, and other cyber threats, along with the protection of privacy and corporate intellectual property, threat mitigation and cybersecurity risk management analysis. Over the last 15 years, the Levy CyLab research group has published over 48 papers in refereed publications, one patent application, seven grant submissions (one internal $10K grant awarded & one external DoD/NSA $128K awarded for 2019-2020 academic year), four external gifts ($8K total), and 24 doctoral students have completed their dissertation research in these areas.Current Research Our current work continues to focus on the human-centric lens (human factor) of all three cybersecurity pillars with increased emphasis on the development of state-of-the-art tools and prototype applications to assist in the measurement of cybersecurity skills, human errors, identify insider-threats, cybersecurity hygiene, along with experimental studies to assist organizations with: Business E-mail Compromise (BEC), social engineering and phishing, cyber threat mitigation, improve business continuity plans, resilience, and general cybersecurity risk management.
- Cybersecurity Threat Mitigations:
- Social Engineering:
- User Authentication:
For contributions to our efforts, please: Visit the Nova Southeastern University Gift and Donations page1. Under "Gift Area" - select "College of Computing and Engineering"2. Under "Gift Donation" - select "Other" 3. Please specify by typing - "For Levy CyLab"Thank you for the generous contribution!
Yair Levy, Ph.D., Professor of IS and CybersecurityCollege of Computing and EngineeringDepartment of Computing
levyy AT nova.edu
Current Ph.D. Students and Projects:
Current Interns/Undergraduate Students and Projects:
Alumni and Past Projects
Karla Clarke, Ph.D. - KPMG Cybersecurity Consulting - Middle Georgia State University Dissertation title (2018): "Novel alert visualization: The development of a visual analytics prototype for mitigation of malicious insiders cyber threat"
Ph.D. Posters Presented:
- Shauna Beaudin, "An Empirical Study of Authentication Methods to Secure E-learning System Activities Against Impersonation Fraud"
Updated: March 30, 2020