nach oben

Erschienen in:

2013 | OriginalPaper | Buchkapitel

Sex, Lies and Cyber-Crime Surveys

verfasst von : Dinei Florêncio, Cormac Herley

Erschienen in: Economics of Information Security and Privacy III

Verlag: Springer New York

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Much of the information we have on cyber-crime losses is derived from surveys. We examine some of the difficulties of forming an accurate estimate by survey. First, losses are extremely concentrated, so that representative sampling of the population does not give representative sampling of the losses. Second, losses are based on unverified self-reported numbers. Not only is it possible for a single outlier to distort the result, we find evidence that most surveys are dominated by a minority of responses in the upper tail (i.e., a majority of the estimate is coming from as few as one or two responses). Finally, the fact that losses are confined to a small segment of the population magnifies the difficulties of refusal rate and small sample sizes. Far from being broadly-based estimates of losses across the population, the cyber-crime estimates that we have appear to be largely the answers of a handful of people extrapolated to the whole population. A single individual who claims $50,000 losses, in an N = 1, 000 person survey, is all it takes to generate a $10 billion loss over the population. One unverified claim of $7,500 in phishing losses translates into $1.5 billion.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Where Do All the Attacks Go?

Nächstes Kapitel The Underground Economy of Fake Antivirus Software

Anderson R, Boehme R, Clayton R, Moore T (2007) Security economics and the internal market. Report for European network and information security agency, 2007

Andreas P, Greenhill K (2010) Sex, drugs, and body counts: the politics of numbers in global crime and conflict. Cornell University Press, New York

Assael H, Keon J (1982) Nonsampling vs. sampling errors in survey research

Avery R, Elliehausen G, Kennickell A (1988) Measuring wealth with survey data: an evaluation of the 1983 survey of consumer finances. Rev Income Wealth 34(4):339–369CrossRef

Bureau of Justice Statistics. Victims of Identity Theft. http://bjs.ojp.usdoj.gov/content/pub/pdf/vit08.pdf

Federal Trade Commission (2003) Identity theft survey report. http://www.ftc.gov/os/2003/09/synovatereport.pdf

Federal Trade Commission (2007) Identity theft survey report. www.ftc.gov/os/2007/11/SynovateFinalReportIDTheft2006.pdf

Federal Reserve Board. Survey of Consumer Finances. http://www.federalreserve.gov/pubs/oss/oss2/scfindex.html

Florêncio D, Herley C (2010) Where do security policies come from? In: SOUPS 2010, Redmond

10.

Gartner (2007) Phishing survey. http://www.gartner.com/it/page.jsp?id=565125

11.

Herley C, Florêncio D (2008) A profitless endeavor: phishing as tragedy of the commons. In: NSPW 2008, Lake Tahoe, CA

12.

Herley C, Florêncio D (2009) Nobody sells gold for the price of silver: dishonesty, uncertainty and the underground economy. In: WEIS 2009, London

13.

Howard M, LeBlanc D, and Books I (2003) 24x7. Writing secure code, vol 2. Microsoft press, Washington

14.

Internet Crime Complaint Center Annual Crime Report. http://www.ic3.gov/media/annualreports.aspx

15.

Javelin (2003) Identity theft survey report. http://www.javelinstrategy.com/uploads/505.RF_Phishing.pdf

16.

Javelin (2009) Identity theft survey report. http://www.javelinstrategy.com/uploads/505.RF_Phishing.pdf

17.

Kennickell A (1998) Multiple imputation in the Survey of Consumer Finances. In: Proceedings of the section on business and economic statistics, 1998 annual meetings of the American statistical association, Dallas, Texas. Citeseer, 1998

18.

Kennickell A (2009) Getting to the top: reaching wealthy respondents in the SCF. Washington, DC: Federal reserve board of governors, 2009

19.

Lichtman S, Pisarska K, Berman E, Pestone M, Dowling H, Offenbacher E, Weisel H, Heshka S, Matthews D, Heymsfield S (1992) Discrepancy between self-reported and actual caloric intake and exercise in obese subjects. New Engl J Med 327(27):1893–1898CrossRef

20.

Lorenz J, Rauhut H, Schweitzer F, Helbing D (2011) How social influence can undermine the wisdom of crowd effect. Proc Natl Acad Sci 108(22):9020CrossRef

21.

Measuring the Effectiveness of In-the-Wild Phishing Attacks. (2009) http://www.trusteer.com/sites/default/files/Phishing-Statistics-Dec-2009-FIN.pdf

22.

Moitra SD. Cyber security violations against businesses: a re-assessment of survey data. http://www.iimcal.ac.in/res/upd\%5CWPS\%20571.pdf

23.

Moore T, Clayton R (2007) Examining the impact of website take-down on phishing. In: Proceedings of APWG eCrime summit, 2007

24.

Morris M (1993) Telling tails explain the discrepancy in sexual partner reports. Nature

25.

National Strategy for Trusted Identities in Cyberspace. Why we need it. http://www.nist.gov/nstic/NSTIC-Why-We-Need-It.pdf

26.

New Scientist (2008) Cybercrime toll threatens new financial crisis. Nov. 20, 2008. http://www.newscientist.com/article/dn16092-cybercrime-toll-threatens-new-financial-crisis.html

27.

Newman M (2005) Power laws, Pareto distributions and Zipf’s law. Contemp Phys 46(5):323–351CrossRef

28.

Paterson P (2010) The Morphing IT Security Landscape. Nov. 18, 2010 https://vishnu.fhcrc.org/security-seminar/IT-Security-Landscape-Morphs.pdf

29.

Ryan J, Jefferson TI (2003) The use, misuse, and abuse of statistics in information security research. In: Proceedings 23rd ASEM national conference, 2003

30.

Shostack A, Stewart A (2008) The new school of information security research

31.

Systems Solutions Group: Cyber Crime http://www.ssg-inc.net/cyber_crime/cyber_crime.html

32.

TaoSecurity Blog: Brief Thoughts on WEIS (2010) http://taosecurity.blogspot.com/2010/07/brief-thoughts-on-weis-2010.html. July 14, 2010

33.

Tukey J (1960) A survey of sampling from contaminated distributions. I. Olkin, 1960

34.

Wiederman M (1997) The truth must be in here somewhere: examining the gender discrepancy in self-reported lifetime number of sex partners. J Sex Res 34(4):375–386CrossRef

Titel: Sex, Lies and Cyber-Crime Surveys
verfasst von: Dinei Florêncio
Cormac Herley
Verlag: Springer New York
Buch: Economics of Information Security and Privacy III
Print ISBN: 978-1-4614-1980-8

Electronic ISBN: 978-1-4614-1981-5

Copyright-Jahr: 2013
DOI: https://doi.org/10.1007/978-1-4614-1981-5_3

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner