We develop and estimate a vector equation system of threats to ten important IP services, using SANS-reported data over the period January 2003 to February 2011. Our results reveal strong evidence of contagion between such attacks, with attacks on ssh and Secure Web Server indicating increased attack activity on other ports. Security managers who ignore such contagious inter-relationships may underestimate the underlying risk to their systems' defence of security attributes, such as sensitivity and criticality, and thus delay appropriate information security investments.
|Publication status||Published - 25 Jun 2012|
|Event||11th Annual Workshop on the Economics of Information Security - Berlin, Germany|
Duration: 25 Jun 2012 → 26 Jun 2012
|Conference||11th Annual Workshop on the Economics of Information Security|
|Period||25/06/12 → 26/06/12|
Pym, D. J., Williams, J., Ioannidis, C., Gheyas, I. A., & Baldwin, A. (2012). Contagion in Cybersecurity Attacks. Paper presented at 11th Annual Workshop on the Economics of Information Security , Berlin, Germany.