Title :
Crime Pays If You Are Just an Average Hacker
Author :
Woohyun Shim ; Allodi, Luca ; Massacci, F.
Author_Institution :
Univ. of Trento, Trento, Italy
Abstract :
This study investigates the effects of incentive and deterrence strategies that might turn a security researcher into a malware writer, or vice versa. By using a simple game theoretic model, we illustrate how hackers maximize their expected utility. Furthermore, our simulation models show how hackers´ malicious activities are affected by changes in strategies employed by defenders. Our results indicate that, despite the manipulation of strategies, average-skilled hackers have incentives to participate in malicious activities, whereas highly skilled hackers who have high probability of getting maximum payoffs from legal activities are more likely to participate in legitimate ones. Lastly, according on our findings, reactive strategies are more effective than proactive strategies in discouraging hackers´ malicious activities.
Keywords :
computer crime; game theory; invasive software; average-skilled hackers; computer crime; deterrence strategies; game theoretic model; hacker expected utility maximization; hacker malicious activities; highly-skilled hackers; incentive strategies; legal activities; malware; maximum payoffs; proactive strategies; reactive strategies; simulation models; black markets; exploit kits; game theory; security;
Conference_Titel :
Cyber Security (CyberSecurity), 2012 International Conference on
Conference_Location :
Washington, DC
Print_ISBN :
978-1-4799-0219-4
DOI :
10.1109/CyberSecurity.2012.15
