A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior
IEEE Transactions on Software Engineering
Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security
IEEE Transactions on Software Engineering
The economics of information security investment
ACM Transactions on Information and System Security (TISSEC)
Techniques and tools for analyzing intrusion alerts
ACM Transactions on Information and System Security (TISSEC)
A model for evaluating IT security investments
Communications of the ACM - Has the Internet become indispensable?
Basic Concepts and Taxonomy of Dependable and Secure Computing
IEEE Transactions on Dependable and Secure Computing
Model-Based Evaluation: From Dependability to Security
IEEE Transactions on Dependable and Secure Computing
Computer security strength and risk: a quantitative approach
Computer security strength and risk: a quantitative approach
A Comprehensive Approach to Intrusion Detection Alert Correlation
IEEE Transactions on Dependable and Secure Computing
Incentive-based modeling and inference of attacker intent, objectives, and strategies
ACM Transactions on Information and System Security (TISSEC)
Attack-Potential-Based Survivability Modeling for High-Consequence Systems
IWIA '05 Proceedings of the Third IEEE International Workshop on Information Assurance
The Value of Intrusion Detection Systems in Information Technology Security Architecture
Information Systems Research
Managing Cybersecurity Resources (The Mcgraw-Hill Homeland Security Series)
Managing Cybersecurity Resources (The Mcgraw-Hill Homeland Security Series)
Modeling network intrusion detection alerts for correlation
ACM Transactions on Information and System Security (TISSEC)
Network Software Security and User Incentives
Management Science
Fixed- vs. variable-length patterns for detecting suspicious process behavior
Journal of Computer Security
An inquiry into the nature and causes of the wealth of internet miscreants
Proceedings of the 14th ACM conference on Computer and communications security
The Deterrent and Displacement Effects of Information Security Enforcement: International Evidence
Journal of Management Information Systems
Decision-Theoretic and Game-Theoretic Approaches to IT Security Investment
Journal of Management Information Systems
Information security economics - and beyond
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Hacker Behavior, Network Effects, and the Security Software Market
Journal of Management Information Systems
Risk-Based models of attacker behavior in cybersecurity
SBP'13 Proceedings of the 6th international conference on Social Computing, Behavioral-Cultural Modeling and Prediction
International Journal of Business Information Systems
| Hi-index | 0.00 |
The paper uses a game-theoretic setting to examine the interaction between strategic attackers who try to gain unauthorized access to information systems, or "targets," and defenders of those targets. Our analysis of the attacker-defender interaction shows that well-protected targets can use signals of their superior level of protection as a deterrence tool. This is due to the fact that, all other things being equal, rational attackers motivated by potential financial gains tend to direct their effort toward less-protected targets. We analyze several scenarios differing in the scope of publicly available information about target parameters and discuss conditions under which greater defenders' ability to signal their security characteristics may improve their welfare. Our results may assist security researchers in devising better defense strategies through the use of deterrence and provide new insight about the efficacy of specific security practices in complex information security environments.