Luca Allodi
The Work-Averse Cyber Attacker Model: Theory and Evidence From Two Million Attack Signatures
Allodi, Luca; Massacci, Fabio; Williams, Julian
Abstract
The assumption that a cyber attacker will potentially exploit all present vulnerabilities drives most modern cyber risk management practices and the corresponding security investments. We propose a new attacker model, based on dynamic optimization, where we demonstrate that large, initial, fixed costs of exploit development induce attackers to delay implementation and deployment of exploits of vulnerabilities. The theoretical model predicts that mass attackers will preferably i) exploit only one vulnerability per software version, ii) largely include only vulnerabilities requiring low attack complexity, and iii) be slow at trying to weaponize new vulnerabilities. These predictions are empirically validated on a large dataset of observed massed attacks launched against a large collection of information systems. Findings in this paper allow cyber risk managers to better concentrate their efforts for vulnerability management, and set a new theoretical and empirical basis for further research defining attacker (offensive) processes.
Citation
Allodi, L., Massacci, F., & Williams, J. (2022). The Work-Averse Cyber Attacker Model: Theory and Evidence From Two Million Attack Signatures. Risk Analysis, 42(8), 1623-1642. https://doi.org/10.1111/risa.13732
| Journal Article Type | Article |
|---|---|
| Acceptance Date | Feb 3, 2021 |
| Online Publication Date | May 7, 2021 |
| Publication Date | Aug 6, 2022 |
| Deposit Date | Feb 4, 2021 |
| Publicly Available Date | Dec 20, 2021 |
| Journal | Risk Analysis |
| Print ISSN | 0272-4332 |
| Publisher | Wiley |
| Peer Reviewed | Peer Reviewed |
| Volume | 42 |
| Issue | 8 |
| Pages | 1623-1642 |
| DOI | https://doi.org/10.1111/risa.13732 |
| Public URL | https://durham-repository.worktribe.com/output/1252820 |
Files
Published Journal Article
(713 Kb)
PDF
Publisher Licence URL
http://creativecommons.org/licenses/by/4.0/
Copyright Statement
© 2021 The Authors. Risk Analysis published by Wiley Periodicals LLC on behalf of Society for Risk Analysis
This is an open access article under the terms of the Creative Commons Attribution License, which permits use, distribution and reproduction in any medium, provided the original work is properly cited.
You might also like
JUNE: open-source individual-based epidemiology simulation
(2021)
Journal Article
Testing the Eigenvalue Structure of Spot and Integrated Covariance
(2021)
Journal Article
Economics of Surveillance
(2021)
Book Chapter
Downloadable Citations
About Durham Research Online (DRO)
Administrator e-mail: dro.admin@durham.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search