Knowing the Enemy at the Gates: Measuring Attacker Motivation

Authors:
George P. Corser;Suzan Arslanturk;Jared Oluoch;Huirong Fu;George E. Corser
Affiliations:
Oakland University, Rochester, MI, USA;Oakland University, Rochester, MI, USA;Oakland University, Rochester, MI, USA;Oakland University, Rochester, MI, USA;Destination Imagination, Houghton, MI, USA
Venue:
International Journal of Interdisciplinary Telecommunications and Networking
Year:
2013

Citing 8
Cited 0

Analyzing security costs

Communications of the ACM - E-services: a cornucopia of digital offerings ushers in the next Net-based evolution
Enemy at the gate: threats to information security

Communications of the ACM - Program compaction
Business process-based valuation of IT-security

EDSER '05 Proceedings of the seventh international workshop on Economics-driven software engineering research
Estimating Potential IT Security Losses: An Alternative Quantitative Approach

IEEE Security and Privacy
On the Singularity of Valuating IT Security Investments

ICIS '09 Proceedings of the 2009 Eigth IEEE/ACIS International Conference on Computer and Information Science
The enemy is still at the gates: threats to information security revisited

2010 Information Security Curriculum Development Conference
Principles of Information Security

Principles of Information Security
Why software fails [software failure]

IEEE Spectrum

Quantified Score

Hi-index	0.00

Visualization

Abstract

Traditional cost-benefit analysis CBA quantifies the value of information security safeguards in terms of their expenses compared to their savings before and after their implementation. This paper considers CBA from the attacker's viewpoint, adding another type of measurement, the willingness to endure consequences. The authors propose a new set of equations and examine their implications vis-í-vis two typical network attacks, identity theft and intellectual property theft.