Ranjan Pal Provost Fellow   Department of Computer Science Viterbi School of Engineering University of Southern California Los Angeles, CA 90089, USA Email: rpal@usc.edu

Research Interests

Economics of Information Security, Mathematical Modelling in Computer/Network Security and Reliability

Network Economics, Game Theory in Security

Machine Learning in Network Security

Education

Ph.D Candidate - Department of Computer Science, University of Southern California, USA (Advisors: Professors Leana Golubchik and Konstantinos Psounis)

M.S. - Computer Science, University of California Davis, USA

M.S - Computer Science, Massachusetts Institute of Technology and National University of Singapore

B.E. - Computer Science, Birla Institute of Science and Technology, Mesra

Research Affiliations During Ph.D

VSRC (Visiting Student Research Collaborator) - Princeton University, USA [2010] (Mentor: Professor Mung Chiang)

Visiting Researcher - Deutsch Telekom Research Laboratories (T-Labs), Berlin, Germany [2011-2012] (Mentor: Dr. Pan Hui)

Visiting Researcher - Center for TeleInfraStruktur (CTiF), Aalborg University, Denmark [2009] (Mentor: Dr. Ramjee Prasad)

About Myself

I am an Indian fifth year Ph.D candidate in the Department of Computer Science at the University of Southern California's (USC) Viterbi School of Engineering . My current major research interest lies in the area of economics and mathematical modeling of distributed network security. I also have a minor research interest in network economics, applied game theory, and machine learning in network security. I am a recipient of the prestigious Provost Fellowship at USC. In the past, as an undergraduate and as a masters student, I have held research positions related to network reliability and network optimization at Indian Institute of Technology, Kharagpur, India, Indian Institute of Management, Calcutta, India, and Center for TeleInfrastruktur, Aalborg, Denmark. My Erdos number is 4. In my spare time I do international travel, listen to music, watch movies, swim, and play/watch cricket.

The Flavor of My Research

I am a theory guy primarily interested in the mathematical modeling and analysis of several aspects in networked and distributed systems. My main goal is to reveal fundamental insights into the efficient design of communication systems. I like to solve problems that are challenging, interesting, and have good practical value. My Ph.D research is on investigating the important role of cyber-insurance markets in achieving a robust level of cyber-security, which is currently not present in the Internet due to several techno-social-economic constraints. The research is inter-disciplinary in nature and lies at the boundary of information security, micro-economics, game theory, and systems optimization. As secondary Ph.D research, I also work on small scale practical problems related to network economics and applied game theory.

Ph.D Thesis Statement

Most defense, corporate, and civilian systems today are Internet-based. The trustworthiness of Internet-based systems heavily depends on their security characteristics. It has been forecasted by national defense experts that the next big terrorist threat is a cyber-war. Thus, strong data protection and efficient cyber risk management is the need of the hour. Despite the increasing amount of research in strengthening security solutions, and large body of products being designed to increase security, e.g.,anti-virus software, anti-spam software, and firewalls, such self-protection tools can at best reduce the risk of end-users but cannot eliminate it. One of my main reasons for this is the effect of misaligned incentives between security product vendors, network users, and regulatory agencies. To this end, in this thesis I propose to address residual risk elimination through cyber-insurance - simply put, I consider solutions where risk is transferred to another entity (i.e., insurance company) in return for a fee (i.e.,the insurance premium). Cyber-insurance is a promising, potentially multi-billion dollar industry that can help secure the cyber-space, with profound benefits to individuals, corporations, security product vendors, and the government. I am not the first to argue in favor of cyber-insurance. Economists have attempted to extend conventional insurance models into the cyber-insurance context, and, quite recently, a few researchers from the broader networking and performance analysis communities have attempted to shed some light on the issues associated with cyber-insurance. However, despite this body of work, cyber-insurance has not yet become a reality due to a number of unresolved research challenges as well as practical considerations. A number of these challenges are rooted in some fundamental differences between cyber-insurance and other forms of insurance. Most notably, the networked environment over which cyber-insurance operates implies that the usual assumptions of independent security and non-correlated risk among end-users cannot be made. Moreover, information asymmetries between insured and insurers are particularly pronounced, making the modelling of such entities quite complex. My goal in this thesis is to focus on those aspects of the problem that are particular to cyber-insurance (in contrast to other forms of insurance), with the end goal of moving towards the realization of efficient cyber-insurance markets that benefit cyber-users, security product vendors, cyber-insurers, regulatory agencies, and the network as a whole.

Tools used in my thesis: Microeconomics, Algorithms, Game Theory, Probability Theory and Stochastic Processes, Mathematical Optimization, Graph Theory

USC Graduate School writes about my research

Publications in Ph.D (Main Thesis)

1. On a Way to Improve Cyber-Insurer Profits: When A Security Vendor Becomes the Cyber-Insurer, accepted in IFIP Networking 2013, New York, USA (Acceptance Rate: 26%)
2. On Differentiating Cyber-Insurance Contracts: A Topological Perspective, accepted in IEEE/IFIP Internet Management Conference 2013, Ghent, Belgium (Acceptance Rate: 23%)
3. Cyber-Insurance for Cyber-Security: A Topological Take on Modulating Insurance Premiums, accepted in ACM SIGMETRICS Workshop (MAMA 2012), London, UK. A slightly modified version of this paper will appear in ACM SIGMETRICS Performance Evaluation Review, 2012
4. Cyber-Insurance for Cyber-Security: A Solution to the Information Asymmetry Problem, accepted in SIAM Annual Meeting 2012, Minnesota, USA
5. Aegis: A Novel Cyber-Insurance Model accepted in GameSec, 2011, Maryland, USA. (flagship conference on economics of information security)
6. Modeling Investments in Internet Security: Tackling Topological Information Uncertainty accepted in GameSec, 2011, Maryland, USA. (flagship conference on economics of information security)
7. On Economic Perspectives of Internet Security: The Problem of Designing Optimal Cyber-Insurance Contracts, accepted in ACM SIGMETRICS Workshop (MAMA 2010), New York, USA. A slightly modified version of this paper appeared in ACM SIGMETRICS Performance Evaluation Review, 2010.
8. Analyzing Self-Defense Investments in Internet Security Under Cyber-Insurance Coverage accepted in IEEE ICDCS, 2010, Genoa, Italy. (Acceptance Rate 14.3%)

Publications in Ph.D (Network Economics and Applied Game Theory)

My publications here cover topics that I got associated with during course projects at USC, and my summer visits at Princeton University, Aalborg University, and Deutsch Telekom Research Laboratories. As a versatile researcher, I proposed simple solutions to a few small-scale problems in health networks, monetary file-sharing systems, social community networks, mobile social networks, and cloud computing.

1. A Real-Time Pricing Model for Electricity Consumption, accepted in SIAM Conference on Financial Mathematics and Engineering, 2012, Minnesota, USA
2. On Social Community Networks: The Cost Sharing Problem, accepted in ACM SIMPLEX 2012, in conjunction with WWW conference, Lyon, France
3. Economic Models for Cloud Service Markets: Pricing and Capacity Planning accepted for publication in Elsevier Theoretical Computer Science.
4. Economic Models for Cloud Service Markets accepted in ICDCN 2012, Hong Kong. (Also invited by INFORMS Annual Meeting 2011, Charlotte, North Carolina, USA)
5. Settling For Less : A QoS Compromise Mechanism for Mobile Opportunistic Networks accepted in ACM SIGMETRICS Workshop (MAMA 2011), San Jose, USA. A slightly modified version of this paper appeared in ACM SIGMETRICS Performance Evaluation Review, 2011
6. Sharing-Mart: Online Auctions for Digital Content Trading and Content Incentivization, accepted in GameNets, 2011, Shanghai, China.
7. On Wireless Social Community Network Routers: The Design and Cost Sharing Problem for Better Deployment , accepted in IEEE GLOBECOM 2010, Florida, USA.
8. Sharing Costs in Social Community Networks accepted in IEEE ICNC Workshop on Computing Networking and Communications, 2012, Maui, Hawaii, USA.
9. Playing Games with Human Health: A Game-Theoretic Approach to Optimizing Reliability in Wireless Health Networks, accepted in IEEE ISABEL 2010, Rome, Italy.

Academic Materials

Full Resume

Publications prior to joining Ph.D (UG, MS)

Selected Graduate Coursework

Design and Analysis of Algorithms

Mathematical Analysis

Probability Theory and Stochastic Processes

Mathematical Optimization (primarily convex optimization, slight emphasis on vector space optimization)

Network Economics and Network Game Theory

Performance Analysis of Systems

Computer Networks (The Internet, wireless networks, and distributed systems)

Cloud Computing

Statistical Machine Learning

Teaching Activities

1. (Graduate) Analysis of Algorithms: Teaching Assistant, (Sp'13, Fa'12, Sp'12, Fa'11, Fa'10), USC [Avg. Rating - 4.26/5], Exceptional TA citation from the USC Computer Science Department, 2012-2013

2. Unix and C Programming (Undergraduate Level): Teaching Assistant, Sp'06, UC Davis [Avg. Rating - 3.36/4]

Summer Research Appointments

1. Visiting Researcher - Deutsche Telekom Laboratories (T-Labs), Berlin, Germany, Summers of 2011 and 2012

2. Visiting Researcher - Electrical Engineering Department, Princeton University, USA, Summer 2010

3. Visiting Researcher - Center for TeleInfrastruktur (CTiF), Aalborg University, Denmark, Summer 2009

Invited Talks

1. On Improving Cyber-Security Through Insurance - A Tale of Insurance Markets: Symantec Research Labs, USA, December 2012.

2. Real-Time Pricing in Power Grids: Ecole Polytechnique Federal De Lausanne (EPFL), June 2011

3. An Insurance Approach to Internet Risk Management , Technical University of Lisbon, December 2009.

4. An Insurance Approach to Internet Risk Management , Nokia-Siemens Networks, Portugal, December 2009

Traveling

I love to travel. Life is boring without it!!!. I consider myself immensely lucky to have travelled to various parts of the world for both, academic as well as for holidaying purposes, at an young age. I generally make short yearly trips with friends, and really enjoy and relish the culture, food, nature, and monumental architecture in all the countries I visit. Listed below are the countries I have visited (airports not included :) ).

Asia: Singapore, Japan, Hong Kong, Thailand, Malaysia

North America: USA

Europe: Germany, Austria, Czech Republic, France, Russia, Switzerland, Italy, Vatican City, Holland, Belgium, Denmark, England, Sweden, Finland, Norway, Spain, and Portugal