nach oben

Erschienen in:

2019 | OriginalPaper | Buchkapitel

Predictably Deterrable? The Case of System Trespassers

verfasst von : David Maimon, Alexander Testa, Bertrand Sobesto, Michel Cukier, Wuling Ren

Erschienen in: Security, Privacy, and Anonymity in Computation, Communication, and Storage

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Can computing environments deter system trespassers and increase intruders’ likelihood to cover their tracks during the progression of a system trespassing event? To generate sufficient empirical evidence to answer this question, we designed a series of randomized field trials using a large set of target computers built for the sole purpose of being infiltrated. We configured these computers to present varying levels of ambiguity regarding the presence of surveillance in the system, and investigated how this ambiguity influenced system trespassers’ likelihood to issue clean tracks commands. Findings indicate that the presence of unambiguous signs of surveillance increases the probability of clean tracks commands being entered on the system. Nevertheless, even when given clear signs of detection, we find that intruders are less likely to use clean tracks commands in the absence of subsequent presentations of sanction threats. These results indicate that the implementation of deterring policies and tools in cyber space could nudge system trespassers to exhibit more cautiousness during their engagement in system trespassing events. Our findings also emphasize the relevance of social-science models in guiding cyber security experts’ continuing efforts to predict and respond to system trespassers’ illegitimate online activities.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Web-Based Intelligence for IDS

Furnell, S.: Cybercrime: Vandalizing the Information Society. Addison-Wesley, Boston (2002)MATH

Online Trust Alliance: Data Protection and Breech: Readiness Guide. Online Trust Alliance (2014)

Storm, D.: MEDJACK: hackers hijacking medical devices to create backdoors in hospital networks. Computer World (2015). http://www.computerworld.com/article/2932371/cybercrime-hacking/medjack-hackers-hijacking-medical-devices-to-create-backdoors-in-hospital-networks.html

Riffkin, R.: Hacking Tops List of Crimes Americans Worry about Most. Gallup Poll News Service (2014). http://www.gallup.com/poll/178856/hacking-tops-list-crimes-americans-worry.aspx

The Comprehensive National Cybersecurity Initiative. The White House. www.whitehouse.gov

Becker, G.: Crime and punishment: an economic approach. J. Polit. Econ. 76, 169–217 (1968)CrossRef

Gibbs, J.: Crime, Punishment, and Deterrence. Elsevier Scientific Publishing Company, New York (1975)

Harknett, R.: Information warfare and deterrence. Parameters 26, 93–107 (1996)

Harknett, R., Callaghan, J., Kauffman, R.: Leaving deterrence behind: war-fighting and national cybersecurity. J. Homel. Secur. Emerg. Manag. 7(1), 1–24 (2010)

10.

Denning, D., Baugh, W.: Hiding crimes in cyberspace. In: Thomas, D., Loader, D. (eds.) Cybercrime: Law Enforcement, Security and Surveillance in the Information Age, pp. 105–132. Routledge, London (2000)

11.

Goodman, W.: Cyber deterrence: tougher in theory than in practice? Strategic Studies Quarterly Fall, pp. 102–135 (2010)

12.

Welsh, B., Farrington, D.: Making Public Places Safer: Surveillance and Crime Prevention. Oxford University Press, New York (2009)CrossRef

13.

Welsh, B., Mudge, M., Farrington, D.: Reconceptualizing public area surveillance and crime prevention: security guards, place managers and defensible space. Secur. J. 23, 299–319 (2010)CrossRef

14.

Nagin, D.: Deterrence in the twenty-first century. Crime Justice 42(1), 199–263 (2013)MathSciNetCrossRef

15.

Sherman, L.: Police crackdowns: initial and residual deterrence. In: Tonry, M., Morris, M. (eds.) Crime and Justice: An Annual Review of Research, vol. 12, pp. 1–48. University of Chicago Press, Chicago (1990)CrossRef

16.

Stoneburner, G., Goguen, A., Feringa, A.: Risk Management Guide for Information Technology Systems. NIST Special Publication 800:30 (2002)

17.

Png, I., Wang, Q.: Information security: facilitating user precautions vis-à-vis enforcement against attackers. J. Manag. Inf. Syst. 26, 97–121 (2009)CrossRef

18.

Maimon, D., Alper, M., Sobesto, B., Cukier, M.: Restrictive deterrent effect of a warning banner in an attacked computer system. Criminology 52, 33–59 (2014)CrossRef

19.

Jacobs, B., Cherbonneau, M.: Auto theft and restrictive deterrence. Justice Q. 31(2), 1–24 (2014)CrossRef

20.

Jacobs, B.: Crack dealers’ apprehension avoidance techniques: a case of restrictive deterrence. Justice Q. 13, 359–381 (1996)CrossRef

21.

Wright, R., Decker, S.: Burglars on the Job. Northeastern University Press, Boston (1994)

22.

Clarke, R.V.: Situational crime prevention. Crime Justice 19, 91–150 (1995)CrossRef

23.

Cozens, P., Love, T.: A review and current status of crime prevention through environmental design (CPTED). J. Plann. Lit. 30(4), 393–412 (2015)CrossRef

24.

Ellsberg, D.: Risk, ambiguity, and the Savage axioms. Q. J. Econ. 75(4), 643–669 (1961)CrossRef

25.

Kahneman, D., Tversky, A.: Prospect theory: an analysis of decision under risk. Econometrica 47(2), 263–291 (1979)MathSciNetCrossRef

26.

Trautmann, S., Vieider, F., Wakker, P.: Causes of ambiguity aversion: known versus unknown preferences. J. Risk Uncertain. 36(3), 225–243 (2008)CrossRef

27.

Becker, S., Brownson, F.: What price ambiguity? Or the role of ambiguity in decision-making. J. Polit. Econ. 72(1), 62–73 (1964)CrossRef

28.

Jacobs, B.: Deterrence and deterrability. Criminology 48(2), 417–441 (2010)CrossRef

29.

Baillon, A., Bleichrodt, H.: Testing ambiguity models through the measurement of probabilities for gains and losses. Am. Econ. J. 7(2), 77–100 (2015)

30.

Engebretson, P.: The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy. Elsevier, Waltham (2013)

31.

National Institute for Standards and Technology: Recommended Security Controls for Federal Information Systems and Organization (U.S. Department of Commerce) (2009)

Titel: Predictably Deterrable? The Case of System Trespassers
verfasst von: David Maimon
Alexander Testa
Bertrand Sobesto
Michel Cukier
Wuling Ren
Verlag: Springer International Publishing
Buch: Security, Privacy, and Anonymity in Computation, Communication, and Storage
Print ISBN: 978-3-030-24899-4

Electronic ISBN: 978-3-030-24900-7

Copyright-Jahr: 2019
DOI: https://doi.org/10.1007/978-3-030-24900-7_26

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"