期刊
JOURNAL OF MANAGEMENT INFORMATION SYSTEMS
卷 26, 期 3, 页码 241-274出版社
ROUTLEDGE JOURNALS, TAYLOR & FRANCIS LTD
DOI: 10.2753/MIS0742-1222260308
关键词
cost-benefit analysis; crime deterrence; games of complete and incomplete information; information security; information warfare; interdependent strategies; signaling
The paper uses a game-theoretic setting to examine the interaction between strategic attackers who try to gain unauthorized access to information systems, or targets, and defenders of those targets. Our analysis of the attacker-defender interaction shows that well-protected targets can use signals of their superior level of protection as a deterrence tool. This is due to the fact that, all other things being equal, rational attackers motivated by potential financial gains tend to direct their effort toward less-protected targets. We analyze several scenarios differing in the scope of publicly available information about target parameters and discuss conditions under which greater defenders' ability to signal their security characteristics may improve their welfare. Our results may assist security researchers in devising better defense strategies through the use of deterrence and provide new insight about the efficacy of specific security practices in complex information security environments.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据