Show simple item record

dc.contributor.authorCremonini, Marco; Nizovtsev, Dmitrien_US
dc.dateApril 2006en_US
dc.date.accessioned2014-11-14en_US
dc.date.accessioned2018-11-02T14:38:10Z
dc.date.available2014-11-14en_US
dc.date.available2018-11-02T14:38:10Z
dc.identifier.otherSchool of Business Working Paper Series; No. 68en_US
dc.identifier.urihttps://wuir.washburn.edu/handle/10425/205
dc.description.abstractWe consider a model of economic behavior of attackers for the case when they are able to obtain complete information about the security characteristics of each target and the case when such information is unavailable. We find that if attackers are able to distinguish targets by their security characteristics and switch between multiple alternative targets, then the direct effect of security measures, represented by the strengthened technical protection of networked assets, is complemented by a behavioral effect resulting from more effort being put into attacks on systems with low security level than on systems with high security level. ignoring that effect would result in underinvestment in security or misallocation of security resources. We also find that systems with better levels of protection have stronger incentives to reveal their security characteristics to attackers whereas poorly protected systems prefer to hide their characteristics. Those results have important implications for security practices and policy issues.en_US
dc.format.mediumPDFen_US
dc.language.isoEngen_US
dc.publisherWashburn University, School of Businessen_US
dc.subjectComputer securityen_US
dc.subjectComputer hackersen_US
dc.subjectSecurityen_US
dc.subjectSecurity investmenten_US
dc.titleUnderstanding and Influencing Attackers' Decisions: Implications for Security Investment Strategiesen_US
dc.typeWorking paperen_US
washburn.identifier.cdm139en_US
washburn.identifier.oclc70281256en_US
washburn.source.locationen_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record