Security protection design for deception and real system regimes: A model and analysis

In this paper, we model a possible deception system with the explicit purpose of enticing unauthorized users and restricting their access to the real system. The proposed model represents a system designer's defensive actions against intruders in a way that maximizes the difference between the intruders' cost and the system designer's cost of system protection. Under the assumption of a dual entity system, the proposed model shows that intruders differ in behavior depending on the system's vulnerability at the time of intrusion as well as depending on their own economic incentives. The optimal results of the proposed model provide the system designer with insights on how to configure the level of protection for the two systems.

MoreLess

Year of publication:	2010
Authors:	Ryu, C. ; Sharman, R. ; Rao, H.R. ; Upadhyaya, S.
Published in:	European Journal of Operational Research. - Elsevier, ISSN 0377-2217. - Vol. 201.2010, 2, p. 545-556
Publisher:	Elsevier
Keywords:	Decision analysis Information security Deception system Economic model

More details

Type of publication:	Article
Source:	RePEc - Research Papers in Economics

Persistent link: https://www.econbiz.de/10008483373