Network Security Economics: Understanding Incentives to Improve Online Security
With the rise of financially-motivated computer abuse, understanding economic incentives of both attackers and targets has become critical to strengthening online security. In this talk, I will advocate the need for an interdisciplinary research agenda, ranging from network measurements and analysis to game-theoretic modeling.
I will first show how empirical network measurements help better design intervention mechanisms against attackers. Using the online sale of unlicensed pharmaceutical drugs as a case study, I will describe how longitudinal, large-scale measurements and analysis reveal important structural properties of a priori complex criminal ecosystems. I will in particular demonstrate the existence of "choke points" both in traffic brokering and product supply, which should be prime targets for intervention.
In addition to disrupting attackers' operations, improving overall network security also requires that users strengthen their defenses — but which incentives do they have to do so? I will introduce a game-theoretic model that we developed to describe how rational users respond to security threats in large-scale networks. I will use this model to show how network effects, specifically negative network externalities, strongly influence security decision making. I will conclude by outlining a roadmap for future security research combining measurements, mathematical modeling and behavioral aspects.
Nicolas Christin is an Assistant Research Professor in Electrical and Computer Engineering at Carnegie Mellon University, where he is also affiliated with CyLab, the computer and information security research center. In addition, he has courtesy faculty appointments in the Information Networking Institute and in Engineering and Public Policy. He holds a Diplôme d'ingénieur from École Centrale Lille, and M.S. and Ph.D. degrees in Computer Science from the University of Virginia. After a postdoc in the School of Information at the University of California, Berkeley, he joined Carnegie Mellon in 2005. He worked for three years as resident faculty at CMU CyLab Japan, before returning to Carnegie Mellon's main campus in 2008. He subsequently served as Associate Director of the Information Networking Institute between 2008 and 2013. His research interests are in computer and information systems networks; most of his work is at the boundary of systems and policy research, with a slant toward security aspects. He has most recently focused on online crime, security economics, and psychological aspects of computer security. He equally enjoys field measurements and mathematical modeling.