Research Interest
My research explores cybersecurity in real organizations by connecting three pieces that are often studied separately. Technology, human behavior, and organizational decision making. I study how cyberattacks unfold as multi stage campaigns and how everyday choices by employees and security teams can amplify or reduce damage.
A core part of my work uses agent based simulation to model virtual organizations where individuals have different levels of security awareness, workload, and responsiveness to policies. With these models, I evaluate how interventions such as phishing training, timely system updates, and operational practices change outcomes during realistic attack scenarios. This allows me to move beyond simple metrics and estimate what actually matters for reducing harm.
I also study how people interact with security technologies like machine learning based intrusion detection systems. In practice, false alarms and missed detections do not just affect detection performance. They shape trust, attention, and how defenders prioritize their time. By modeling these dynamics, I aim to better understand when automated tools help and when they unintentionally create new risks such as alert fatigue.
Finally, I analyze real world attack information to identify common attack pathways and structural bottlenecks that defenders can target. This supports practical, budget aware prioritization by highlighting where limited resources can disrupt attacker progress most effectively. Overall, my goal is to develop evidence based security strategies that make organizations more resilient by considering people, processes, and technology together.