EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

When Hackers Err: The Impacts of False Positives on Information Security Games

Bin Mai () and Shailesh Kulkarni
Additional contact information
Bin Mai: University of North Texas, Denton, Texas 76203
Shailesh Kulkarni: Department of Information Technology and Decision Sciences, University of North Texas, Denton, Texas 76203

Decision Analysis, 2018, vol. 15, issue 2, 90-109

Abstract: False positive rates and their impacts have been a focal point for information security research. However, most of this research investigates false positives exclusively from the system defender’s perspective, while in reality an attacker also faces the classification decision in identifying feasible targets and the consequences of false positive rates. In this paper, we present the first comprehensive analytical model that incorporates the false positives from both the perspective of the attacker and that of the system defender. Our results show that such false positives from the attacker’s perspective have a significant impact on the attacker’s decision making for an attack, as well as the optimal protection strategy for the defender. Our results help to shed new light on a wide range of diverse information security phenomena such as spam emails, the Nigerian scams, and the design of the honeypot as a security mechanism. In addition, we show how an attacker’s misestimation of a certain parameter would affect the defender’s strategy and how the heterogeneity of the systems impacts the defender’s strategy to manipulate the attacker’s possible misestimation.

Keywords: information security game; false positive; classification; spam; Nigerian scam; honeypot; misestimation (search for similar items in EconPapers)
Date: 2018
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (1)

Downloads: (external link)
https://doi.org/10.1287/deca.2017.0363 (application/pdf)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:inm:ordeca:v:15:y:2018:i:2:p:90-109

Access Statistics for this article

More articles in Decision Analysis from INFORMS Contact information at EDIRC.
Bibliographic data for series maintained by Chris Asher ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:inm:ordeca:v:15:y:2018:i:2:p:90-109