image of circuit board

Research Projects


Research at the Stanford Cyber Initiative focuses on understanding relationships between cyber technologies and security, governance, and work

Consumer Markets

Research Projects

The Anatomy of Ransomware Attacks (2017-2018; Sharad Goel, Camelia Simoiu):

A new class of malware known as ransomware has emerged and gained popular among cybercriminals over the last decade. Ransomware works by restricting an individual’s access to their computer (e.g., by encrypting their data), and then demanding payment to restore functionality. The first known case of a ransomware attack occurred almost 10 years ago.

Behavioral Biometrics (2015-2017; Russell Poldrack, David Mazieres, Bahman Bahmani)

Authentication is one of the major problems faced by the society in interacting with cyber technology. Passwords, challenge questions, out-of-band text messages, and physiological biometrics create friction with user experience, and yet are increasingly bypassed by hackers. In this project, we will study the use of behavioral biometrics, i.e., the unique traits in user interactions with digital devices and services, for frictionless cyber authentication.

Consumer Privacy (2015-2016; Kostas Bimpikis, Yonatan Gur)

Recent advances in information technology have allowed firms to gather detailed data about consumers’ preferences and the structure of their social interactions. Along with the growingly adopted targeting technologies, the wealth of available information benefits firms and holds a lot of promise for individuals. On the other hand, challenges arise with regards to the sensitive nature of the information entities such as firms and government agencies may collect about individuals.

Costs of Cyber Data Breaches in Public Companies (2016-2017; Michael Klausner, George Triantis)

This project addresses the need for quantitative measures of the costs incurred by publicly traded companies that experience cyber data breaches. The currently available information is focused more on frequency than severity of breach, including the scope and costs of breach. Most of the publicly available data is the result of surveys and the commercially available cyber-breach data are regarded by many to be inaccurate, incomplete and not organized in such a way as to support analysis.

Cyber Insurance Policies and Coverage (2016-2017; Ben Lawsky, George Triantis)

As our visiting scholar, Ben Lawsky's research into cyber insurance policies examines how policy language differs across industries as well as between same-industry clients, and introduces scenario planning to evaluate how well coverage matches the scope of potential catastrophic and interconnected cyber incidents.

How Intermediaries Affect User Choice in News and Commerce (2016-2018; Susan Athey, David Blei)

Access to digital information involves intermediaries. For online news, these are web pages and apps provided by news organizations, search engines, news aggregators, portals, and social media. For shopping, intermediaries are primarily e-commerce websites and apps. In such settings, users choose from a large set of alternatives, but the effective alternatives at a point in time are limited by the options presented on a web page or mobile screen.

Secrecy of Sequential Decision-Making (2016-2017; Kuang Xu)

The increasing prevalence of large-scale surveillance and data collection infrastructures deployed by government agencies and private companies has brought global attention to the astonishing power enabled by modern cyber technologies. While such information appears to be revealing (e.g., a consumer's past browsing behavior may be indicative of the final purchase decision), we still lack a satisfactory understanding of the true value of the data collected, in terms of the extent to which it allows one to predict an individual's intention or future behavior using his or her past actions.

Self-Incentivizing Networks (2015-2016; Keith Winstein, Ramesh Johari)

We are developing the engineering and economic tools to enable self-incentivizing enclaves on the Internet, where entrepreneurs can add incrementally to the network's capacity and be rewarded for their contribution, however small, to encourage the buildout of connectivity in under-served areas. This problem cuts across the domains of congestion-control, traffic engineering, and wide-area routing and settlement on the Internet.

Democracy & Politics

Research Projects

Campaign of the Future (2015-2016; Nate Persily, Bruce Cain)

Technological advances in voting, communication, and fundraising are changing American campaigns and elections in fundamental ways. Developments in microtargeting, web-based campaign advertisements, and even voting, itself, promise to empower new actors in campaigns and reshape the landscape for political communication. American democracy's move on-line will have profound implications for the future of traditional intermediary institutions, especially political parties, which have served as the primary avenues for individual participation and representation.

Crowdsourced Democracy (2015-2016; Ashish Goel, Larry Diamond)

YouTube competes with Hollywood as an entertainment channel, and also supplements Hollywood by acting as a distribution mechanism. Twitter has a similar relationship to news media, and Coursera to Universities. But Washington has no such counterpart; there are no online alternatives for making democratic decisions at large scale as a society.

Crypto Policy Project (2015-2017; Jennifer Granick, Dan Boneh)

Encryption helps human rights workers, activists, journalists, financial institutions, innovative businesses, and governments protect the confidentiality, integrity, and economic value of their activities. However, strong encryption may mean that governments cannot make sense of data they would otherwise be able to lawfully access in a criminal or intelligence investigation. In the 1970s, and again in the 1990s, U.S. government struggled with tradeoffs between its surveillance/law enforcement missions (potentially thwarted by crypto) and its information assurance/crime prevention missions (furthered by crypto).

Cyber-Enabled Information and Influence Warfare and Manipulation: Understanding Problems, Developing Solutions (2017-2018; Amy Zegart, Herb Lin, Tom Fingar, Nate Persily, Lee Ross)

Hostile cyber operations are characterized as acts of war in academic and policy debates, which in turn has led researchers to apply theories of war to understand actor behavior in this domain. Yet recent events show that many hostile cyber operations fall short of the threshold of war; they are more appropriately in the realm of intelligence operations and covert action. This project examines the psychological, organizational, legal, and international security dimensions of cyber-enabled influence/information warfare and manipulation (IIWAM) operations through this new framing of the problem.

The Deteriorating Health of the Digital Information Ecosystem and Its Deleterious Effects on Democracy & Human Rights (2017-2018; Eileen Donahoe, Larry Diamond, Russell Berman, Daphne Keller)

While appreciating the benefits of digital platforms for society, this project addresses deleterious effects of digital technologies on the global information ecosystem and negative consequences for democracy. It will identify a spectrum of negative dynamics (e.g., spread of fake news, creation of echo chambers, normalization of hate, reinforcement of stereotypes/bias, facilitation of violent extremism, weaponization of information/doxing, psychographic targeting, information operations) and describe how the combined effect of these dynamics presents an ominous threat to democracy.

Documenting Combined Capabilities for Internet Security (2017-2018; Amy Zegart, Jesse Sowell, Herb Lin, Harold Trinkunas)

Transnational network operator communities, which comprise roughly a few thou- sand individuals from volunteer organizations, non-profits, and for-profit firms, are little known but critical actors ensuring Internet security. Operator community members collaborate informally with both industry peers and law enforcement to keep nefarious activities such as botnets and phishing out of cyberspace. For instance, approximately 90% of e-mail that traverses the Internet is spam.

Policy-Friendly Remote Access to Computer Resources: The Successor to SSH (2017-2018; Keith Winstein, David Mazieres, Ben Calvert, Erwin Lopez, Ashley Tolbert)

From its introduction in 1995, the Secure Shell (SSH) has become a ubiquitous tool for users to connect securely with networked and “cloud” servers. But as the importance of cybersecurity has increased in the last two decades, and as systems like the Secure Web and TLS have seen considerable evolution, SSH has yet to realize commensurate improvements in its manageability, auditability, or support of prudent security policies.

Political Framing and its Propagation in Media (2017-2018; Dan Jurafsky, Matthew Gentzkow, Jure Leskovec, Jennifer Pan)

We propose to investigate political framing in digital media, using a novel combination of computational linguistics and machine learning tools to investigate key areas crucial for preserving democracy in the post-industrial world. These include the ability of governments or non-state actors to influence or undermine the democratic process through propaganda or agenda-setting, the way new media distinguish (or don’t distinguish) subjective opinions from objective data, how minority and majority groups are portrayed, and the way partisan frames emerge and diffuse.

Social Media and Democracy (2017-2018; Frank Fukuyama, Nate Persily, Ashish Goel)

Advances in technology and the rise of the Internet are upsetting the longstanding western political balance. Democracies around the world face growing threats from demagogues and populists who use social media to spread xenophobia, misinformation, and fear in furtherance of their agendas.

Stanford-China Track 2 Cyber Diplomacy (2015-2016; Herb Lin, David Relman)

It is well known that the cyber relationship between China and the United States is a source of great friction between the two nations. As a step towards improving the cyber relationship, the CISAC/Hoover cyber program will seek to build a sustainable and ongoing dialogue with China, through an initial effort to conduct cooperative research on cybersecurity-related issues.

Uncovering Authoritarian Rule with Cyber Technology: Estimating the Prevalence of Collective Action and Repression in Authoritarian Regimes with Unstructured Digital Data (2016-2018; Jennifer Pan, John Duchi)

We aim to develop a methodology to generate the first rigorous scientific measure of a variable of paramount importance to academics and public policy makers worldwide ¬¬ the prevalence, location, and scale of collective action events and repression of these events in authoritarian regimes.


Research Projects

Cyber-Text Technologies: Presenting the Future of the Past (2016-2017; Elaine Treharne, Ronald Egan)

Cyber Text Technologies will ascertain from a small but detailed set of case studies to what extent all forms of human communication might be not only systematic, but also effectively skeumorphic, unconsciously emulative, and to an extent formulaically replicative. We aim to investigate through machine learning that employs refined and targeted modeling whether or not specific conventions and identifiable trends characterize every text technology from Cuneiform to Snapchat.

First Principles for Governing Academic Records in the Digital Era (2015-2016; Mitchell Stevens, Dan Boneh, Tom Black)

Digital learning environments and data analytics have dramatically expanded what might count as academic records, raising questions about the viability of inherited record systems predicated on paper or paper-equivalent documents and institutionally based verification systems. Engineers and student services professionals at Stanford and worldwide are actively developing academic record systems more appropriate for a digital era.

The Interdependence and Fragmentation of Life Experiences across Cyber-social Systems (2016-2018; Byron Reeves, Nilam Ram, Laura Carstensen)

Smartphones and laptop computers now allow multitasking among a greater range of experiences than has ever been possible. People switch between radically different content – from work to play to social relationships – and often within seconds. This means that understanding interchanges with cyber-social systems (e.g., health, social relationships, finances, shopping, transportation, work productivity, learning) will depend as much on stitching together experiences across domains as on examining experiences scattered within any single system.

Health & Medicine

Research Projects

Advancing AI Research to Help Policymakers Affordably Improve Life’s Starts and Finishes (2016-2017; Fei-Fei Li, Arnold Milstein)

Understanding grows about childhood experiences occurring primarily in lower and middle class homes that limit fulfillment of children’s’ developmental potential. Simultaneously nations and US state governors face rising demand for costly institutional care that many seniors’ dread. In the United States, the cost of long-term care would more than double from 1.3% of US GDP in 2010 to 3% of US GDP in 2050 if the rate of functional limitations among those age 65 and older remains constant (Congressional Budget Office, 2013).

Cyber Systems in Healthcare Organizations (2015-2016; Melissa Valentine, Mohsen Bayati)

Advanced cyber-systems hold tremendous promise for transforming modern hospitals, potentially improving their capacity, safety, and operational efficiency by extending limited human ability for memory, judgement, and situational awareness. Yet technologies are not exogenous “interventions” into organizational systems. Instead, they are shaped by and then in turn shape the social system, as people interpret and enact the technologies based on their professional identities or the power dynamics activated by the technology implementation process.

Cyber Tech in Patient-Physician Relationships (2015-2016; Abraham Verghese, Jeff Chi, Sonoo Thadaney)

We believe the 20th century was one of technology development, and the 21st century is focused on appropriate and relevant application of technology. The technology in cyber-social health systems promised increased efficiency, improved effectiveness, fewer errors, and global connectivity. However, we’re now aware of the unintended consequences. In modern medicine, particularly in the hospital, the bed-ridden patient has become an icon for computerized patient data - an entity we’ve termed the “iPatient”.

Cybersecurity of Health Care Data in Population-Based Health Information Exchanges (2016-2017; Lorene Nelson, Mark Cullen, Dan Boneh, Ling Yu, Michelle Mello, Nigam Shah)

Health information exchanges (HIEs) integrate electronic health records from multiple healthcare facilities in a geographic region, and secondary use by researchers of the data from these large generalizable samples have tremendous potential for benefitting population health and informing public policy. Although state and federal laws provide some architecture for protecting healthcare information privacy, most of these laws predate and do not contemplate the recent explosion in the number of online information sources, leaps in computing capabilities, and rise in hacking incidents.

Resilient and Robust Connectivity for Medical Devices in the Developing World (2016-2017; Keith Winstein, Leonore Herzenberg)

The practice of medicine increasingly relies on large quantities of data—often, gigabytes from imaging, genomics, or blood-based analysis. But the medical devices that collect this data are generally designed with the assumption that Internet access is robust and always on. In the developing world, this assumption breaks down. From Addis Ababa to Zomba, cellular networks are typically the best available connectivity, and these networks experience chronic brownouts and fluctuations.

Labor & Workplace

Research Projects

Assessing the Impact of Digital Technologies on the Labor Market (2017-2018; Yong Lee, Chuck Eesley, Stephen Zoepf)

There is increasing concern that the wave of new technologies, such as robotics, digital platform economy, big data analytics, artificial intelligence, and so forth, will disrupt jobs and workers in the near future. While technology can increase productivity of workers and create jobs, it could also directly replace workers. This project examines the net impact of technology on jobs and labor markets.

Collective Action and Governance in an Online Piecework Economy (2016-2017; Michael Bernstein, Margaret Levi)

The digital gig economy has led to a resurgence of piecework. Without shared factories and water coolers, how do digital pieceworkers coordinate, build solidarity, and take collective action? We will engage in fieldwork with digital pieceworkers who work in data entry, domestic services, and on-demand driving to understand how they counter algorithmic systems and engage in collective behavior. We will then design and launch a new collectively-governed platform for gig workers.

Cyber Work: The Future of Networked Labor (2015-2018; Michael Bernstein, Ramesh Johari, Margaret Levi, Melissa Valentine)

Technology has transformed from a tool that supports work into a comprehensive infrastructure that connects workers to employers. Platforms such as Uber and Amazon Mechanical Turk, which announce themselves as the “gig economy” and “paid crowdsourcing”, signal a shift where workers and employers connect ad-hoc, at large scale, to accomplish complex tasks. This shift to online networked labor has the potential to dramatically reconfigure how we shape our careers, organizations, and market platforms, and in turn shifts how those careers, organizations and platforms shape our society.

Folk Theories of Cyber-Social Systems and their Implications for Privacy (2016-2018; Jeff Hancock, Michael Bernstein)

As people interact with complex cyber-social systems such as Facebook’s ranked news feed and Uber’s hiring algorithms, they build up folk theories of how these systems work. These theories, however, can often be wrong. For example, many people believed the Facebook news feed to be an unfiltered window of their friends’ behavior, leading to widespread surprise and news coverage when a Facebook experiment on emotional contagion highlighted that Facebook manipulates the content of users’ feeds.

The Impact of Digitization on Labor Markets, Product Quality, and Information (2017-2018; Susan Athey, Paul Oyer, Markus Mobius)

Automation through both robotics and software is quickly diffusing, and digital platforms continue to expand, with profound implications for labor markets and democracy. First, the effect of automation on labor markets has been the subject of much debate, but little rigorous analysis. This project builds an economic model and uses it to evaluate conditions under which automation causes large increases in inequality or poverty.

General Publications


Behavioural Profiling in Cyber-Social Systems

Computer systems have evolved from standalone systems,over networked systems, to cyber-physical systems. In all stages, humanoperators have been essential for the functioning of the system and forunderstanding system messages. Recent trends make human actors aneven more central part of computer systems, resulting in what we call“cyber-social systems”...

America needs to play both the short and long game in cybersecurity - McFaul and Zegart

In his last news conference of the year (and maybe last ever as president) last week, President Obama squarely assigned blame to the Russian government for stealing data from the Democratic National Committee and John Podesta...

How to stop Russia's cyber-interference - Mike McFaul

Congressional and Justice Department investigations, as well as terrific investigative reporting over the last year, have revealed the comprehensive scale of Russia’s violation of our sovereignty. This was done not by crossing physical borders but by invading multiple virtual boundaries