IDEAS home Printed from https://ideas.repec.org/a/eee/ejores/v201y2010i2p545-556.html
   My bibliography  Save this article

Security protection design for deception and real system regimes: A model and analysis

Author

Listed:
  • Ryu, C.
  • Sharman, R.
  • Rao, H.R.
  • Upadhyaya, S.

Abstract

In this paper, we model a possible deception system with the explicit purpose of enticing unauthorized users and restricting their access to the real system. The proposed model represents a system designer's defensive actions against intruders in a way that maximizes the difference between the intruders' cost and the system designer's cost of system protection. Under the assumption of a dual entity system, the proposed model shows that intruders differ in behavior depending on the system's vulnerability at the time of intrusion as well as depending on their own economic incentives. The optimal results of the proposed model provide the system designer with insights on how to configure the level of protection for the two systems.

Suggested Citation

  • Ryu, C. & Sharman, R. & Rao, H.R. & Upadhyaya, S., 2010. "Security protection design for deception and real system regimes: A model and analysis," European Journal of Operational Research, Elsevier, vol. 201(2), pages 545-556, March.
    • Handle: RePEc:eee:ejores:v:201:y:2010:i:2:p:545-556
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0377-2217(09)00189-1
    Download Restriction: Full text for ScienceDirect subscribers only
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Zeng, Daniel D. & Dror, Moshe & Chen, Hsinchun, 2006. "Efficient scheduling of periodic information monitoring requests," European Journal of Operational Research, Elsevier, vol. 173(2), pages 583-599, September.
    2. Basso, Antonella & Peccati, Lorenzo A., 2001. "Optimal resource allocation with minimum activation levels and fixed costs," European Journal of Operational Research, Elsevier, vol. 131(3), pages 536-549, June.
    3. K. Sridhar Moorthy & I. P. L. Png, 1992. "Market Segmentation, Cannibalization, and the Timing of Product Introductions," Management Science, INFORMS, vol. 38(3), pages 345-359, March.
    4. Fessi, B.A. & Hamdi, M. & Benabdallah, S. & Boudriga, N., 2007. "A decisional framework system for computer network intrusion detection," European Journal of Operational Research, Elsevier, vol. 177(3), pages 1824-1838, March.
    5. Berman, Oded & Gavious, Arieh, 2007. "Location of terror response facilities: A game between state and terrorist," European Journal of Operational Research, Elsevier, vol. 177(2), pages 1113-1133, March.
    6. Gordon, Lawrence A. & Loeb, Martin P. & Lucyshyn, William, 2003. "Sharing information on computer systems security: An economic analysis," Journal of Accounting and Public Policy, Elsevier, vol. 22(6), pages 461-485.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Ravi Sen & Joobin Choobineh & Subodha Kumar, 2020. "Determinants of Software Vulnerability Disclosure Timing," Production and Operations Management, Production and Operations Management Society, vol. 29(11), pages 2532-2552, November.
    2. Lee, Sangjae & Costello, Francis Joseph & Lee, Kun Chang, 2021. "Hierarchical balanced scorecard-based organizational goals and the efficiency of controls processes," Journal of Business Research, Elsevier, vol. 132(C), pages 270-288.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. ÇakanyIldIrIm, Metin & Yue, Wei T. & Ryu, Young U., 2009. "The management of intrusion detection: Configuration, inspection, and investment," European Journal of Operational Research, Elsevier, vol. 195(1), pages 186-204, May.
    2. Weaver, Robert D. & Moon, Yongma, 2010. "Private Labels: A Mechanism For Fulfilling Consumer Demand For Healthy Food?," 115th Joint EAAE/AAEA Seminar, September 15-17, 2010, Freising-Weihenstephan, Germany 116397, European Association of Agricultural Economists.
    3. Shijie Lu & Xin (Shane) Wang & Neil Bendle, 2020. "Does Piracy Create Online Word of Mouth? An Empirical Analysis in the Movie Industry," Management Science, INFORMS, vol. 66(5), pages 2140-2162, May.
    4. Liberali, Guilherme & Gruca, Thomas S. & Nique, Walter M., 2011. "The effects of sensitization and habituation in durable goods markets," European Journal of Operational Research, Elsevier, vol. 212(2), pages 398-410, July.
    5. Chakravarthi Narasimhan & Z. John Zhang, 2000. "Market Entry Strategy Under Firm Heterogeneity and Asymmetric Payoffs," Marketing Science, INFORMS, vol. 19(4), pages 313-327, November.
    6. Zhang, Yibin & Hafezi, Maryam & Zhao, Xuan & Shi, Victor, 2017. "Reprint of “The impact of development cost on product line design and its environmental performance”," International Journal of Production Economics, Elsevier, vol. 194(C), pages 126-134.
    7. Kopalle, Praveen K. & Pauwels, Koen & Akella, Laxminarayana Yashaswy & Gangwar, Manish, 2023. "Dynamic pricing: Definition, implications for managers, and future research directions," Journal of Retailing, Elsevier, vol. 99(4), pages 580-593.
    8. José A. Novo‐Peteiro, 2023. "Product design with attribute dependence," Manchester School, University of Manchester, vol. 91(4), pages 361-385, July.
    9. Mazaher Kianpour & Stewart J. Kowalski & Harald Øverby, 2021. "Systematically Understanding Cybersecurity Economics: A Survey," Sustainability, MDPI, vol. 13(24), pages 1-28, December.
    10. Wilhelm, Wilbert E. & Xu, Kaihong, 2002. "Prescribing product upgrades, prices and production levels over time in a stochastic environment," European Journal of Operational Research, Elsevier, vol. 138(3), pages 601-621, May.
    11. David Simchi-Levi & Nikolaos Trichakis & Peter Yun Zhang, 2019. "Designing Response Supply Chain Against Bioattacks," Operations Research, INFORMS, vol. 67(5), pages 1246-1268, September.
    12. Daniel Schatz & Rabih Bashroush, 0. "Economic valuation for information security investment: a systematic literature review," Information Systems Frontiers, Springer, vol. 0, pages 1-24.
    13. Krishnan, Trichy V. & Feng, Shanfei & Jain, Dipak C., 2023. "Peak sales time prediction in new product sales: Can a product manager rely on it?," Journal of Business Research, Elsevier, vol. 165(C).
    14. Kjell Hausken & Jun Zhuang, 2011. "Governments' and Terrorists' Defense and Attack in a T -Period Game," Decision Analysis, INFORMS, vol. 8(1), pages 46-70, March.
    15. Shan, Xiaojun & Zhuang, Jun, 2013. "Hybrid defensive resource allocations in the face of partially strategic attackers in a sequential defender–attacker game," European Journal of Operational Research, Elsevier, vol. 228(1), pages 262-272.
    16. Hausken, Kjell, 2024. "Fifty Years of Operations Research in Defense," European Journal of Operational Research, Elsevier, vol. 318(2), pages 355-368.
    17. Dawid, Herbert & Kopel, Michael & Kort, Peter M., 2013. "New product introduction and capacity investment by incumbents: Effects of size on strategy," European Journal of Operational Research, Elsevier, vol. 230(1), pages 133-142.
    18. Oded Koenigsberg & Rajeev Kohli & Ricardo Montoya, 2011. "The Design of Durable Goods," Marketing Science, INFORMS, vol. 30(1), pages 111-122, 01-02.
    19. Alain, Guinet & Angel, Ruiz, 2016. "Modeling the logistics response to a bioterrorist anthrax attackAuthor-Name: Wanying, Chen," European Journal of Operational Research, Elsevier, vol. 254(2), pages 458-471.
    20. Chih-yi Chi, Woody & Wu, Shufen, 2006. "Intertemporal quality discrimination of a durable good monopolist," Economics Letters, Elsevier, vol. 92(2), pages 184-191, August.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ejores:v:201:y:2010:i:2:p:545-556. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: http://www.elsevier.com/locate/eor .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.