Enhancing Cybersecurity: Incident Monitoring and Threat Mitigation at UVA’s Security Operations Center; Monitoring Health: Fitness Trackers, Users, and Providers in Healthcare

Author:
Manzanares, Ashley, School of Engineering and Applied Science, University of Virginia
Advisors:
Vrugtman, Rosanne, EN-Comp Science Dept, University of Virginia
Morrison, Briana, EN-Comp Science Dept, University of Virginia
Wylie, Caitlin, EN-Engineering and Society, University of Virginia
Norton, Peter, EN-Engineering and Society, University of Virginia
Abstract:

Human actors are directing technological advancements, which can lead to prioritizing profit and other biases. How can we mitigate these negative consequences? This question lays the foundation for both my technical and STS research. In both reports, I explored how individuals and institutions shape technologies that directly impact human well-being, whether that is through digital security at a university or personal health tracking in broader society. While the two projects are distinct in domain, they share a common concern of how the design, deployment, and human interaction with technology can result in unintended harm, including increased risk, misinformed decision-making, or overburdened systems. By investigating cybersecurity operations at the University of Virginia (UVA) and fitness tracker usage in healthcare, I examined the sociotechnical balance between empowering technologies and the ethical, logistical, and psychological risks they introduce when they are driven by commercial or institutional interests.

My technical project focused on improving incident detection and response capabilities at UVA’s Security Operations Center (SOC). Through my hands-on work with the SOC team, I helped triage security incidents by analyzing DNS (Domain Name System) and DHCP (Dynamic Host Configuration Protocol) logs, both of which provide insight into device activity on the network, as well as email logs for anomalous patterns. To do this, I used Search Processing Language (SPL) in Splunk to write targeted queries for log analysis. One of the most critical issues I encountered was “alert fatigue.” This is when analysts become overwhelmed by repetitive, rule-based alerts, many of which turn out to be false positives. An example of this would be a rule flagging any email with “direct deposit” in the subject line, which frequently flags legitimate emails, wasting analysts’ time. These inefficiencies highlighted the limitations of static, human-defined rules in a rapidly evolving cyber threat landscape. My work identified areas for improvement, such as refining SPL queries and integrating machine learning for better anomaly detection. These suggestions aim to reduce bias in threat prioritization and lessen the cognitive load on analysts to improve network security without compromising analyst well-being.

My STS research explored the influences of fitness tracker manufacturers, users, and healthcare providers on the integration of wearable health devices into healthcare. Using Actor Network Theory (ANT), I analyzed how non-human actors, fitness trackers, and the human actors co-construct the meaning and usage of this technology. I found that manufacturers often exaggerate the capabilities of these devices and use wellness-oriented marketing while quietly disclaiming medical accuracy. This creates confusion for users who may over-rely on inconsistent or misleading data, leading to anxiety, self-diagnosis, and even physical harm. Meanwhile, healthcare providers are caught between leveraging real-time health data and managing unrealistic expectations from patients. Insurance companies also play a role by offering discounts for trackers but potentially using user data to adjust premiums, which introduces ethical concerns around privacy and discrimination. These findings show how commercial and institutional interests can bias technological development and reinforce structural inequalities.

Overall, both of my projects show that while technology can be a powerful tool for improving safety and health, it is not inherently neutral. In both cybersecurity and wearable health, human decisions dictate how the technology is built, marketed, and maintained. My contribution includes exposing some of the hidden biases in these processes and offering suggestions to improve human-technology interactions. In the technical context, this meant proposing machine learning integration to reduce repetitive tasks and false positives, while in the STS case it meant advocating for greater algorithmic transparency, informed consent, and user education to prevent mental and physical harm from fitness trackers. Future researchers should continue investigating how technologies reflect the priorities of their creators and users. In cybersecurity, this could be developing adaptive detection systems that learn from context rather than relying solely on static rules. In health tech, this means designing user-centered trackers that support holistic wellness without inducing anxiety or exploiting personal data. A cross-disciplinary approach will most likely be essential for mitigating the negative consequences of human-directed technology development.

For my technical project, I would like to thank the UVA Information Security team for giving me the opportunity to join their team as a SOC junior analyst. Also, I am grateful to Professor Rosanne Vrugtman for her continuous support and guidance throughout my technical capstone writing. For my STS project, I want to thank Professors Peter Norton and Caitlin Wylie for their invaluable insight and guidance throughout my research and writing process.

Degree:
BS (Bachelor of Science)
Keywords:
Actor Network Theory, Security Operations Center, Fitness trackers, Human-technology interaction
Notes:

School of Engineering and Applied Science

Bachelor of Science in Computer Science

Technical Advisor: Briana Morrison, Rosanne Vrugtman

STS Advisor: Peter Norton, Caitlin Wylie

Language:
English
Rights:
All rights reserved (no additional license for public reuse)
Issued Date:
2025/05/06