Using Economics to Quantify the Security of the Internet Jason Franklin.

Slides:



Advertisements
Similar presentations
Sotiris Georganas City University London
Advertisements

CHAPTER 3 Demand and Supply
When you have completed your study of this chapter, you will be able to C H A P T E R C H E C K L I S T Distinguish between quantity demanded and demand.
1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.
Chapter 3: Demand, Supply and Equilibrium
C H A P T E R 4 Prepared by: Fernando and Yvonn Quijano © 2006 Prentice Hall Business Publishing Economics: Principles and Tools, 4/e O’Sullivan/ Sheffrin.
Paul Schneiderman, Ph.D., Professor of Finance & Economics, Southern New Hampshire University ©2008 South-Western.
© 2007 Prentice Hall Business Publishing; Essentials of Economics, R. Glenn Hubbard, Anthony Patrick O’Brien CHAPTER 3: Where Prices Come From:The Interaction.
Understanding Botnets: How Massive Internet Break-Ins Fuel an Underground Economy Jason Franklin and Vern Paxson.
Ch. 3: Demand and Supply Objectives Determinants of demand and supply
Lecture 6 : Examining Market Mechanics  Money prices and relative real prices  Influences on demand  Influences on supply  Prices and quantities determined.
Supply and Demand Chapter 3. Competitive Market Lots of buyers and sellers dealing in identical goods.
Demand and Supply Market and the Economy Demand The Demand Curve Demand versus Quantity Demanded Supply Supply versus Quantity Supplied Market Equilibrium.
1 © 2010 South-Western, a part of Cengage Learning Chapter 3 Market Demand and Supply Microeconomics for Today Irvin B. Tucker.
Prepared by: Jamal Husein C H A P T E R 2 © 2005 Prentice Hall Business PublishingSurvey of Economics, 2/eO’Sullivan & Sheffrin Supply, Demand, and Market.
Chapter 5: Demand and Supply Supply and Shifters of Supply.
Supply and Demand chapter 2 Copyright © 2014 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent.
Chapter 3 Supply and Demand: In Introduction. Basic Economic Questions to Answer What: variety and quantity How: technology For whom: distribution.
Explorations in Economics
1 CHAPTER 3 Demand, Supply and Market Equilibrium.
By: KiKi.  Competitive market- a market in which there are many buyers and sellers of the same good or service, none of whom can influence the price.
How Markets Work! Supply and Demand Supply and Demand *Demand *Supply *Prices *Market Structures.
1 Demand, Supply & Equilibrium Demand & its Determinants  Wants Vs. Demand  A general example: The demand for Soda  Demand Schedule & Demand Curve 
Chapter 4 Demand and Supply. The Market can be a location, network of buyers and sellers for a product, demand for a product or a price-determination.
Supply and Demand. Economic definitions for DEMAND Demand: the total amount consumers are willing and able to buy at all prices at a specific point in.
02 Supply and demand Acknowledgement: John Kane SUNY.
ECON 101: Introduction to Economics - I Lecture 3 – Demand and Supply.
Essentials of economics – Ch 3
Economics 100 Lecture 5 Demand and Supply (I). Demand and Supply  Opportunity Cost and Price  Demand.
Demand and Supply Introduction to Economics TM 4-2 Copyright © 1998 Addison Wesley Longman, Inc. Learning Objectives Distinguish between a money price.
When you have completed your study of this chapter, you will be able to C H A P T E R C H E C K L I S T Distinguish between quantity demanded and demand.
An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants.
How Markets Work Demand. Introduction Economics is about choices that people make to face scarcity and how those choices are affected by incentives. Prices.
How are Market Outcomes (price and quantity) Determined? The components of the supply and demand model: 1.Supply (description of seller behavior) 2.Demand.
Copyright © 2008 Pearson Addison-Wesley. All rights reserved. Chapter 3 Demand, Supply, and Price.
How Markets Work Demand & Supply. Introduction Economics is about choices that people make to face scarcity and how those choices are affected by incentives.
Demand and Supply1 DEMAND AND SUPPLY Economics 2023 Principles of Microeconomics Dr. McCaleb.
1 C H A P T E R 1 1 Supply, Demand, and Market Equilibrium C H A P T E R 4 © 2001 Prentice Hall Business PublishingEconomics: Principles and Tools, 2/eO’Sullivan.
CHAPTER 4: Demand and Supply Analysis CHAPTER CHECKLIST 1.Distinguish between quantity demanded and demand and explain what determines demand. 2.Distinguish.
SUPPLY & DEMAND Three functions of price A. Determines value B. Communicates between buyers and sellers C. Rationing device.
DEMAND, SUPPLY, and MARKET EQUILIBRIUM Appendix (chapter 3)
3 CHAPTER Demand and Supply © Pearson Education 2012 After studying this chapter you will be able to:  Describe a competitive market and think about.
1 Demand, Supply, and Equilibrium in a Perfectly Competitive Market.
Goal 8 Supply and Demand. The Law of Demand  The law of demand holds that all other things equal, as the price of a good or service increases, the quantity.
A market is an institution in which buyers and sellers exchange goods and services for a medium of exchange --money Markets, demand, and supply.
Supply and Demand. The Law of Demand The law of demand holds that other things equal, as the price of a good or service rises, its quantity demanded falls.
SUPPLY & DEMAND. Demand  Demand is the combination of desire, willingness and ability to buy a product. It is how much consumers are willing to purchase.
SUPPLY AND DEMAND (AND GRAPHING APPLICATIONS). SUPPLY AND DEMAND: MODELING A COMPETITIVE MARKET  For a market to be competitive, there has to be several.
+ Supply and Demand Why are some goods produced and not others?
1 Chapter 3 Lecture DEMAND AND SUPPLY. 2 Market and Prices A market is any arrangement that enables buyers and sellers to get information and do business.
© OnlineTexts.com p. 1 Chapter 3 Supply and Demand.
MICROECONOMICS Chapter 3 Demand and Supply
Demand A Schedule Showing the Consumers are Willing and Able to Purchase At a Specified Set of Prices During A Specified Period of Time Amounts of a Good.
Main Definitions Market: –All situations that link potential buyers and potential sellers are markets. Demand: –A demand schedule shows price and quantity.
CHAPTER 5: BASIC OF DEMAND AND SUPPLY
1 Chapter 3 Market Supply and Demand ©2002 South-Western College Publishing Key Concepts Key Concepts Summary Practice Quiz Internet Exercises Internet.
Intro To Microeconomics.  Cost is the money spent for the inputs used (e.g., labor, raw materials, transportation, energy) in producing a good or service.
 is a concept in which opposing dynamic forces cancel each other out.
CHAPTER 5: BASIC OF DEMAND AND SUPPLY
An Introduction to Demand
Changes in quantity demanded
By Muhammad Shahid Iqbal
Chapter 3 Supply and Demand © OnlineTexts.com p. 1.
SUPPLY & DEMAND.
Chapter 3 Supply and Demand © OnlineTexts.com p. 1.
Chapter 3 Supply and Demand © OnlineTexts.com p. 1.
Chapter 3 Supply and Demand © OnlineTexts.com p. 1.
Chapter 4 and 5 Supply and Demand © OnlineTexts.com p. 1.
Supply Law of Supply: the higher the price, the larger the quantity produced (ceteris paribus) The 2 factors influencing the law of supply are: 1. Individual.
Chapter 4 Demand and Supply.
Presentation transcript:

Using Economics to Quantify the Security of the Internet Jason Franklin

Internet Security (Availability) Claim 1: The security of the Internet is directly proportional to the number of compromised end- hosts –As the total number of compromised machines grows, the potential for larger DDoS attacks grows –More compromised machines implies more resources available to attackers –Security of the Internet is directly tied to the security of end-hosts in aggregate

Internet Security (Availability) Claim 2: Given a sufficiently powerful adversary, any networked resource can be DoSed successfully –Defenders are fundamentally more resource constrained than attackers –Defenders are restricted to play/pay by the rules Over-provisioning and DoS defenses cost money

Measuring Internet Security Two basic research questions: –(Number): How many of the Internet’s end- hosts are compromised at any one time? 100 million, 200 million, more? –(Cost): What is the effort required to compromise the security (availability) of a networked resource? A security metric for Internet availability Prefer quantity directly related to how much work or effort need be spent

Estimating Number of Compromised End-hosts Approach 1 (Scanning): –Scan entire IP address space with vulnerability scanner Pros: –Would give reasonable estimate of number of hosts with well-known easy-to-exploit vulnerabilities Cons: –Scanning won’t reach Internet’s edge (NATs etc.) –Vulnerability scanning is slow and noisy –Hosts that are compromised then patched would be missed

Estimating Number of Compromised End-host Approach 2 (Economics): –Establish market for compromised hosts –Monitor supply and demand Pros: –Inexpensive to monitor market –Learn more than just quantity supplied Cons: –Difficult to establish public market for stolen goods –Hard to entice buyers and sellers to participate

Hard, but not impossible Introducing #ccpower –Active underground market for cyber contraband Includes buyers and sellers specializing in spam, phishing, scamming, hacking, credit card fraud, and identity theft Global market with thousands of active buyers and sellers Responsible for ~$100 million in credit card fraud each year, numerous phishing scams, and hordes of other illegal activity

Collecting Economic Data Passive monitoring and archival of Internet Relay Chat (IRC) channels –50+ monitored servers –Over 7 months of data –Over 12 million individual messages from as many as 50k individuals Limitations and Complexities –No private IRC messages –Complex underground dialect (slang) –Difficult to establish reputation S S S C C C C C IRC S C erver lient Key

Market at a Glance Number of Days Monitored Percentage of Monitored Messages

Identifying Useful Data Text classification problem: –Given 13+ million IRC messages Including millions of useful messages –“I’ve got hacked hosts for $2, pm me for deal” And millions of useless messages –“Screw you guys I’m out of here” Built binary text classifiers to identify interesting classes of data –Hacked hosts sale ads –Hacked hosts want ads –Phishing and spam related ads Used SVMs with 3k line train set and 1k line test set –Bag of words feature vectors with TFIDF feature representation –SVMs correctly recall over 85% of true positives with precision of around 50% –For each true positive, SVMs identify one false positive

Economic Measurements Law of Demand –All other factors being equal, the higher the price of a good, the smaller is the quantity demanded Law of Supply –All other factors being equal, the higher the price of a good, the greater is the quantity supplied

Price of Hacked Hosts over Time Price Time Period (Days)

# Compromised End-hosts Methodology: –Market equilibrium price for compromised hosts at time t=1 is $10 –Market equilibrium price for compromised hosts at time t=2 is $5 –More compromised hosts are available at a lower price –But how do we know that supply shifted rather than demand? $10 ? $5 ? $10

Ceteris Paribus Assumption Laws of Supply and Demand only hold under ceteris paribus assumption –“All other factors being equal” Law of Demand’s Other Factors –Size of market (population) Measurements show this is fixed –Consumer preferences –Income –Price of related goods Law of Supply’s Other Factors –Cost of required resources (inputs) Search cost for time spent searching for vulnerable hosts Cost of exploits (free) –Technology Scripts and tools mainly –Price of substitute and complement Bulletproof hosting services for spammers Substitutes for bots? Days Population

Cost to Buy as a Security Metric Each networked server S has fixed amount of available resources R –S has sufficient resources to service k hosts at per time period –In our simple model, S is vulnerable to a complete DoS attack by >= k hosts Natural question to ask is “How much effort is required of an attacker to compromise k hosts?” –Before markets, effort required was dependent on skills of attacker and level of tools available –After markets, effort required at time t can be measured by the Cost to Buy k hosts at time t

Cost to Buy Metric A simple example: –Server S has sufficient resources to service 30 hosts per time period –Security w.r.t. an adversary: S is 20 (50-30) under provisioned against a $100 adversary at time t S is 5 over provisioned against a $100 adversary at time t+1 –Independent of adversary: S is $60 (30 * $2) secure at time t and $120 (30 * $4) secure at time t+1 Measures resources required by adversary / measures risk Time:Cost to buy(1) AdversaryAdversary Resources t$2$10050 t+1$4$10025

Conclusion We looked at how economics can be used to quantify the security of the Internet in a natural way Asked how many of Internet end-hosts are compromised Established trend suggesting that the number of compromised hosts is increasing rather than decreasing Developed the cost to buy security metric to quantity resources of adversary necessary to effect the available of a resource Price provides natural way to quantify resources

Remaining Work Use simultaneous equation models from econometrics to empirically estimate supply and demand curves –Allows for estimate of quantity supplied at a price Use event study methodology to correlate Internet security “events” with the price of compromised hosts –New form of validation for security metrics

Questions? Acknowledgements: –Paul Bennett,John Bethencourt, Gaurav Kataria, Leonid Kontorovich, Pratyusa K. Manadhata, Vern Paxson, Adrian Perrig, Srini Seshan, Stefan Savage

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.