Code red worm propagation modeling and analysis
Proceedings of the 9th ACM conference on Computer and communications security
Internet intrusions: global characteristics and prevalence
SIGMETRICS '03 Proceedings of the 2003 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
IEEE Security and Privacy
Proceedings of the 2003 ACM workshop on Rapid malcode
Proceedings of the 2004 ACM workshop on Rapid malcode
Random Graph Dynamics (Cambridge Series in Statistical and Probabilistic Mathematics)
Random Graph Dynamics (Cambridge Series in Statistical and Probabilistic Mathematics)
Algorithmic Game Theory
The Morris Worm: A Fifteen-Year Perspective
IEEE Security and Privacy
A local mean field analysis of security investments in networks
Proceedings of the 3rd international workshop on Economics of networked systems
Efficient control of epidemics over random networks
Proceedings of the eleventh international joint conference on Measurement and modeling of computer systems
On modeling product advertisement in social networks
ACM SIGMETRICS Performance Evaluation Review
Economics of malware: epidemic risks model, network externalities and incentives
Allerton'09 Proceedings of the 47th annual Allerton conference on Communication, control, and computing
Security interdependencies for networked control systems with identical agents
GameSec'10 Proceedings of the First international conference on Decision and game theory for security
Investigating the effect of node heterogeneity and network externality on security adoption
ACM SIGMETRICS Performance Evaluation Review
Aegis: a novel cyber-insurance model
GameSec'11 Proceedings of the Second international conference on Decision and Game Theory for Security
Modeling internet security investments: tackling topological information uncertainty
GameSec'11 Proceedings of the Second international conference on Decision and Game Theory for Security
Security adoption in heterogeneous networks: the influence of cyber-insurance market
IFIP'12 Proceedings of the 11th international IFIP TC 6 conference on Networking - Volume Part II
Security of interdependent and identical networked control systems
Automatica (Journal of IFAC)
On modeling product advertisement in large-scale online social networks
IEEE/ACM Transactions on Networking (TON)
Diffusion dynamics of network technologies with bounded rational users: aspiration-based learning
IEEE/ACM Transactions on Networking (TON)
Security adoption and influence of cyber-insurance markets in heterogeneous networks
Performance Evaluation
Hi-index | 0.00 |
Getting new security features and protocols to be widely adopted and deployed in the Internet has been a continuing challenge. There are several reasons for this, in particular economic reasons arising from the presence of network externalities. Indeed, like the Internet itself, the technologies to secure it exhibit network effects: their value to individual users changes as other users decide to adopt them or not. In particular, the benefits felt by early adopters of security solutions might fall significantly below the cost of adoption, making it difficult for those solutions to gain attraction and get deployed at a large scale. Our goal in this paper is to model and quantify the impact of such externalities on the adoptability and deployment of security features and protocols in the Internet. We study a network of interconnected agents, which are subject to epidemic risks such as those caused by propagating viruses and worms, and which can decide whether or not to invest some amount to deploy security solutions. Agents experience negative externalities from other agents, as the risks faced by an agent depend not only on the choices of that agent (whether or not to invest in self-protection), but also on those of the other agents. Expectations about choices made by other agents then influence investments in self-protection, resulting in a possibly suboptimal outcome overall. We present and solve an analytical model where the agents are connected according to a variety of network topologies. Borrowing ideas and techniques used in statistical physics, we derive analytic solutions for sparse random graphs, for which we obtain asymptotic results. We show that we can explicitly identify the impact of network externalities on the adoptability and deployment of security features. In other words, we identify both the economic and network properties that determine the adoption of security technologies. Therefore, we expect our results to provide useful guidance for the design of new economic mechanisms and for the development of network protocols likely to be deployed at a large scale.