IDEAS home Printed from https://ideas.repec.org/a/eee/ejores/v201y2010i2p545-556.html
   My bibliography  Save this article

Security protection design for deception and real system regimes: A model and analysis

Author

Listed:
  • Ryu, C.
  • Sharman, R.
  • Rao, H.R.
  • Upadhyaya, S.

Abstract

In this paper, we model a possible deception system with the explicit purpose of enticing unauthorized users and restricting their access to the real system. The proposed model represents a system designer's defensive actions against intruders in a way that maximizes the difference between the intruders' cost and the system designer's cost of system protection. Under the assumption of a dual entity system, the proposed model shows that intruders differ in behavior depending on the system's vulnerability at the time of intrusion as well as depending on their own economic incentives. The optimal results of the proposed model provide the system designer with insights on how to configure the level of protection for the two systems.

Suggested Citation

  • Ryu, C. & Sharman, R. & Rao, H.R. & Upadhyaya, S., 2010. "Security protection design for deception and real system regimes: A model and analysis," European Journal of Operational Research, Elsevier, vol. 201(2), pages 545-556, March.
    • Handle: RePEc:eee:ejores:v:201:y:2010:i:2:p:545-556
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0377-2217(09)00189-1
    Download Restriction: Full text for ScienceDirect subscribers only
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Berman, Oded & Gavious, Arieh, 2007. "Location of terror response facilities: A game between state and terrorist," European Journal of Operational Research, Elsevier, vol. 177(2), pages 1113-1133, March.
    2. Gordon, Lawrence A. & Loeb, Martin P. & Lucyshyn, William, 2003. "Sharing information on computer systems security: An economic analysis," Journal of Accounting and Public Policy, Elsevier, vol. 22(6), pages 461-485.
    3. Zeng, Daniel D. & Dror, Moshe & Chen, Hsinchun, 2006. "Efficient scheduling of periodic information monitoring requests," European Journal of Operational Research, Elsevier, vol. 173(2), pages 583-599, September.
    4. Basso, Antonella & Peccati, Lorenzo A., 2001. "Optimal resource allocation with minimum activation levels and fixed costs," European Journal of Operational Research, Elsevier, vol. 131(3), pages 536-549, June.
    5. K. Sridhar Moorthy & I. P. L. Png, 1992. "Market Segmentation, Cannibalization, and the Timing of Product Introductions," Management Science, INFORMS, vol. 38(3), pages 345-359, March.
    6. Fessi, B.A. & Hamdi, M. & Benabdallah, S. & Boudriga, N., 2007. "A decisional framework system for computer network intrusion detection," European Journal of Operational Research, Elsevier, vol. 177(3), pages 1824-1838, March.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Ravi Sen & Joobin Choobineh & Subodha Kumar, 2020. "Determinants of Software Vulnerability Disclosure Timing," Production and Operations Management, Production and Operations Management Society, vol. 29(11), pages 2532-2552, November.
    2. Lee, Sangjae & Costello, Francis Joseph & Lee, Kun Chang, 2021. "Hierarchical balanced scorecard-based organizational goals and the efficiency of controls processes," Journal of Business Research, Elsevier, vol. 132(C), pages 270-288.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. ÇakanyIldIrIm, Metin & Yue, Wei T. & Ryu, Young U., 2009. "The management of intrusion detection: Configuration, inspection, and investment," European Journal of Operational Research, Elsevier, vol. 195(1), pages 186-204, May.
    2. Shijie Lu & Xin (Shane) Wang & Neil Bendle, 2020. "Does Piracy Create Online Word of Mouth? An Empirical Analysis in the Movie Industry," Management Science, INFORMS, vol. 66(5), pages 2140-2162, May.
    3. Chakravarthi Narasimhan & Z. John Zhang, 2000. "Market Entry Strategy Under Firm Heterogeneity and Asymmetric Payoffs," Marketing Science, INFORMS, vol. 19(4), pages 313-327, November.
    4. José A. Novo‐Peteiro, 2023. "Product design with attribute dependence," Manchester School, University of Manchester, vol. 91(4), pages 361-385, July.
    5. Wilhelm, Wilbert E. & Xu, Kaihong, 2002. "Prescribing product upgrades, prices and production levels over time in a stochastic environment," European Journal of Operational Research, Elsevier, vol. 138(3), pages 601-621, May.
    6. David Simchi-Levi & Nikolaos Trichakis & Peter Yun Zhang, 2019. "Designing Response Supply Chain Against Bioattacks," Operations Research, INFORMS, vol. 67(5), pages 1246-1268, September.
    7. Daniel Schatz & Rabih Bashroush, 0. "Economic valuation for information security investment: a systematic literature review," Information Systems Frontiers, Springer, vol. 0, pages 1-24.
    8. Kjell Hausken & Jun Zhuang, 2011. "Governments' and Terrorists' Defense and Attack in a T -Period Game," Decision Analysis, INFORMS, vol. 8(1), pages 46-70, March.
    9. Shan, Xiaojun & Zhuang, Jun, 2013. "Hybrid defensive resource allocations in the face of partially strategic attackers in a sequential defender–attacker game," European Journal of Operational Research, Elsevier, vol. 228(1), pages 262-272.
    10. Dawid, Herbert & Kopel, Michael & Kort, Peter M., 2013. "New product introduction and capacity investment by incumbents: Effects of size on strategy," European Journal of Operational Research, Elsevier, vol. 230(1), pages 133-142.
    11. Oded Koenigsberg & Rajeev Kohli & Ricardo Montoya, 2011. "The Design of Durable Goods," Marketing Science, INFORMS, vol. 30(1), pages 111-122, 01-02.
    12. Chih-yi Chi, Woody & Wu, Shufen, 2006. "Intertemporal quality discrimination of a durable good monopolist," Economics Letters, Elsevier, vol. 92(2), pages 184-191, August.
    13. Kjell Hausken, 2017. "Security Investment, Hacking, and Information Sharing between Firms and between Hackers," Games, MDPI, vol. 8(2), pages 1-23, May.
    14. Yan, Xiaoming & Zhao, Wenhan & Yu, Yugang, 2022. "Optimal product line design with reference price effects," European Journal of Operational Research, Elsevier, vol. 302(3), pages 1045-1062.
    15. Julian Birkinshaw & Mats Lingblad, 2005. "Intrafirm Competition and Charter Evolution in the Multibusiness Firm," Organization Science, INFORMS, vol. 16(6), pages 674-686, December.
    16. Marion Debruyne & David J. Reibstein, 2005. "Competitor See, Competitor Do: Incumbent Entry in New Market Niches," Marketing Science, INFORMS, vol. 24(1), pages 55-66, December.
    17. Amit Basu & Sreekumar Bhaskaran, 2018. "An Economic Analysis of Customer Co-design," Information Systems Research, INFORMS, vol. 29(4), pages 787-804, December.
    18. Cao, Qingning & Geng, Xianjun & Zhang, Jun, 2015. "Strategic Role of Retailer Bundling in a Distribution Channel," Journal of Retailing, Elsevier, vol. 91(1), pages 50-67.
    19. Xiaotong Li, 2022. "An evolutionary game‐theoretic analysis of enterprise information security investment based on information sharing platform," Managerial and Decision Economics, John Wiley & Sons, Ltd., vol. 43(3), pages 595-606, April.
    20. Gerstle, Ari D. & Waldman, Michael, 2016. "Mergers in durable-goods industries: A re-examination of market power and welfare effects," Research in Economics, Elsevier, vol. 70(4), pages 677-692.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ejores:v:201:y:2010:i:2:p:545-556. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: http://www.elsevier.com/locate/eor .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.