EconomicsofUserSegmentation,Profiling,andDetectionin

《EconomicsofUserSegmentation,Profiling,andDetectionin》由会员上传分享，免费在线阅读，更多相关内容在教育资源-天天文库。

1、EconomicsofUserSegmentation,Profiling,andDetectioninSecurityBinMaiCollegeofBusinessAdministrationNorthwesternStateUniversityNatchitoches,LA71497maib@nsula.eduHuseyinCavusoglu,SrinivasanRaghunathan,andByungwanKohSchoolofManagementTheUniversityofTexasatDallasRichardson

2、,TX75083{sraghu,huseyin,byungwan.koh}@utdallas.eduUserprofilingisregardedasaneffectiveandefficienttooltodetectsecuritybreachesbecauseitallowsfirmstotargetattackersbydeployingamorestringentdetectionsystemforthemthanfornormalusers.Theabsenceofprofilingrestrictsthefirmt

3、ousethesamedetectionsystemforallusers.Whileprofilingcanbeausefultool,weshowthatitinducesattackerstofaketheiridentityandtricktheprofilingsystemintomisclassifyingtheirtype,andthatthisincentiveishigheriftheprofilingaccuracyishigher.Byfaking,anattackerreducesthelikelihoo

4、dofbeingclassifiedasanattackerbytheprofilingsystem;ahigherprofilingaccuracydecreasesthislikelihoodmore.Further,ahigherdisparityindetectionratesforattackersandnormalusersemployedbythefirmtotakeadvantageofahigherprofilingaccuracymakesfakingevenmoreattractive.Iffakingis

5、sufficientlyeasy,theprofilingaccuracyissufficientlypoor,oriffakingdegradestheprofilingaccuracysufficiently,thenthefirmrealizesalowerpayoffwhenitusesprofilingthanwhenitdoesnot.Forprofilingtooffermaximumbenefit,fakingcostshouldbehigherthanathresholdvalue,whichisincreas

6、ingintheprofilingaccuracy.Iffakingisnotanissue,then,consistentwithourintuition,itisoptimalforafirmtodeployamorestringentdetectionsystemforanattackerandalessstringentdetectionsystemforanormaluserwhenprofilingaccuracyimproves.However,whenfakingisanissue,iftheprofilinga

7、ccuracyishigherthanathresholdvalue,thenthefirmshoulddesignlessdifferentiateddetectionsystemsbydegradingthedetectionrateforanattackerorbyenhancingthedetectionrateforanormaluserwhenprofilingaccuracyimproves.May2007341.IntroductionDetectionsystemsareanintegralpartofmany

8、securityarchitectures.Metaldetectors,X-rayscanners,andphysicalinspectionsareafewsuchsystemsusedinaviationsecurity.IntrusionDetectio