Cookies

We use cookies to ensure that we give you the best experience on our website. By continuing to browse this repository, you give consent for essential cookies to be used. You can read more about our Privacy and Cookie Policy.


Durham Research Online
You are in:

Contagion in cyber security attacks.

Baldwin, A. and Gheyas, I. and Ioannidis, C. and Pym, D. and Williams, J. (2017) 'Contagion in cyber security attacks.', Journal of the Operational Research Society., 68 (7). pp. 780-791.

Abstract

Systems security is essential for the efficient operation of all organizations. Indeed, most large firms employ a designated ‘Chief Information Security Officer’ to coordinate the operational aspects of the organization’s information security. Part of this role is in planning investment responses to information security threats against the firm’s corporate network infrastructure. To this end, we develop and estimate a vector equation system of threats to 10 important IP services, using industry standard SANS data on threats to various components of a firm’s information system over the period January 2003 – February 2011. Our results reveal strong evidence of contagion between such attacks, with attacks on ssh and Secure Web Server indicating increased attack activity on other ports. Security managers who ignore such contagious inter-relationships may underestimate the underlying risk to their systems’ defence of security attributes, such as sensitivity and criticality, and thus delay appropriate information security investments.

Item Type:Article
Full text:Publisher-imposed embargo until 09 March 2018.
(AM) Accepted Manuscript
File format - PDF
(778Kb)
Status:Peer-reviewed
Publisher Web site:https://doi.org/10.1057/jors.2016.37
Publisher statement:This is a post-peer-review, pre-copyedit version of an article published in Journal of the Operational Research Society. The definitive publisher-authenticated version Baldwin, A., Gheyas, I., Ioannidis, C., Pym, D. & Williams, J. (2017). Contagion in cyber security attacks. Journal of the Operational Research Society, 68(7): 780-791, doi: 10.1057/jors.2016.37 is available online at: https://doi.org/10.1057/jors.2016.37
Record Created:05 May 2016 17:21
Last Modified:02 Aug 2017 13:53

Social bookmarking: del.icio.usConnoteaBibSonomyCiteULikeFacebookTwitterExport: EndNote, Zotero | BibTex
Look up in GoogleScholar | Find in a UK Library