Understanding and Influencing Attackers' Decisions: Implications for Security Investment Strategies

Nizovtsev, Dmitri; Cremonini, Marco

Understanding and Influencing Attackers' Decisions: Implications for Security Investment Strategies

Files

140.pdf (1.52 MB)

Author

Nizovtsev, Dmitri

Cremonini, Marco

Publisher

Washburn University. School of Business

Sponsor

Kaw Valley Bank

Issue Date

April 2006

Full item page

Abstract

We consider a model of economic behavior of attackers for the case when they are able to obtain complete information about the security characteristics of each target and the case when such information is unavailable. We find that if attackers are able to distinguish targets by their security characteristics and switch between multiple alternative targets, then the direct effect of security measures, represented by the strengthened technical protection of networked assets, is complemented by a behavioral effect resulting from more effort being put into attacks on systems with low security level than on systems with high security level. ignoring that effect would result in underinvestment in security or misallocation of security resources. We also find that systems with better levels of protection have stronger incentives to reveal their security characteristics to attackers whereas poorly protected systems prefer to hide their characteristics. Those results have important implications for security practices and policy issues.

URI

https://hdl.handle.net/10425/205

Collections

Kaw Valley Bank Working Paper Series
Faculty Papers