
Basic article information

  • Title: The “Iterated Weakest Link” Model of Adaptive Security Investment
  • Authors: Rainer Böhme; Tyler Moore
  • Journal: Journal of Information Security
  • Print ISSN: 2153-1234
  • Online ISSN: 2153-1242
  • Publication year: 2016
  • Volume: 07
  • Issue: 02
  • Pages: 81-102
  • DOI: 10.4236/jis.2016.72006
  • Language: English
  • Publisher: Scientific Research Publishing
  • Abstract: We devise a model for security investment that reflects dynamic interaction between a defender, who faces uncertainty, and an attacker, who repeatedly targets the weakest link. Using the model, we derive and compare optimal security investment over multiple periods, exploring the delicate balance between proactive and reactive security investment. We show how the best strategy depends on the defender’s knowledge about prospective attacks and the recoverability of costs when upgrading defenses reactively. Our model explains why security under-investment is sometimes rational even when effective defenses are available and can be deployed independently of other parties’ choices. Finally, we connect the model to real-world security problems by examining two case studies where empirical data are available: computers compromised for use in online crime and payment card security.
  • Keywords: Optimal Security Investment under Uncertainty; Return on Security Investment