Economics and Internet Security: A Survey of Recent Analytical, Empirical, and Behavioral Research

[1]  Ross J. Anderson Can We Fix the Security Economics of Federated Authentication? , 2011, Security Protocols Workshop.

[2]  Tyler Moore,et al.  The Impact of Public Information on Phishing Attack and Defense , 2011 .

[3]  Richard Clayton Might Governments Clean-Up Malware? , 2010, WEIS.

[4]  Nicolas Christin,et al.  Dissecting one click frauds , 2010, CCS '10.

[5]  Tyler Moore,et al.  Would a 'cyber warrior' protect us: exploring trade-offs between attack and defense of information systems , 2010, NSPW '10.

[6]  Johannes M. Bauer,et al.  The Role of Internet Service Providers in Botnet Mitigation an Empirical Analysis Based on Spam Data , 2010, WEIS.

[7]  Alessandro Acquisti,et al.  Data Breaches and Identity Theft: When is Mandatory Disclosure Optimal? , 2010, WEIS.

[8]  Chris Kanich,et al.  Re: CAPTCHAs-Understanding CAPTCHA-Solving Services in an Economic Context , 2010, USENIX Security Symposium.

[9]  Rick Wash,et al.  Organization Interfaces—collaborative computing General Terms , 2022 .

[10]  Mike Bond,et al.  2010 IEEE Symposium on Security and Privacy Chip and PIN is Broken , 2022 .

[11]  Xin Zhao,et al.  The Nocebo Effect on the Web: An Analysis of Fake Anti-Virus Distribution , 2010, LEET.

[12]  Ponnurangam Kumaraguru,et al.  Who falls for phish?: a demographic analysis of phishing susceptibility and effectiveness of interventions , 2010, CHI.

[13]  Richard J. Sullivan The changing nature of U.S. card payment fraud: industry and public policy options , 2010 .

[14]  Felix Leder,et al.  A Case Study in Ethical Decision Making Regarding Remote Mitigation of Botnets , 2010, Financial Cryptography Workshops.

[15]  Mark MacCarthy Information Security Policy in the U.S. Retail Payments Industry , 2010, WEIS.

[16]  Sam Ransbotham,et al.  An Empirical Analysis of Exploitation Attempts Based on Vulnerabilities in Open Source Software , 2010, WEIS.

[17]  Cormac Herley,et al.  The Plight of the Targeted Attacker in a World of Scale , 2010, WEIS.

[18]  D. Carlton Externalities in Payment Card Networks: Theory and Evidence , 2010 .

[19]  Catherine Tucker,et al.  Encryption and Data Loss , 2010, WEIS.

[20]  Tyler Moore,et al.  The Iterated Weakest Link - A Model of Adaptive Security Investment , 2016, WEIS.

[21]  A. Acquisti,et al.  Privacy Costs and Personal Data Protection: Economic and Legal Perspectives , 2009 .

[22]  Cormac Herley,et al.  So long, and no thanks for the externalities: the rational rejection of security advice by users , 2009, NSPW '09.

[23]  Chris Kanich,et al.  Spamalytics: an empirical analysis of spam marketing conversion , 2009, CACM.

[24]  Jens Grossklags,et al.  Blue versus Red: Towards a Model of Distributed Security Attacks , 2009, Financial Cryptography.

[25]  M. Eric Johnson,et al.  Managing Information Risk and the Economics of Security , 2008, Managing Information Risk and the Economics of Security.

[26]  William Roberds,et al.  Data Breaches and Identity Theft , 2008, WEIS.

[27]  Richard J. Sullivan The Benefits of Collecting and Reporting Payment Fraud Statistics for the United States , 2009 .

[28]  Alessandro Acquisti,et al.  Do Data Breaches Disclosure Laws Reduce Identity Theft? , 2010, WEIS.

[29]  Tyler Moore,et al.  The consequence of non-cooperation in the fight against phishing , 2008, 2008 eCrime Researchers Summit.

[30]  Niels Provos,et al.  All Your iFRAMEs Point to Us , 2008, USENIX Security Symposium.

[31]  J. Bauer,et al.  Economics of Malware: Security Decisions, Incentives and Externalities , 2008 .

[32]  Steven J. Murdoch,et al.  Thinking Inside the Box: System-Level Failures of Tamper Proofing , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[33]  Nicolas Christin,et al.  Secure or insure?: a game-theoretic analysis of information security games , 2008, WWW.

[34]  Tyler Moore,et al.  The Impact of Incentives on Notice and Take-down , 2008, WEIS.

[35]  Tyler Moore,et al.  Examining the impact of website take-down on phishing , 2007, eCrime '07.

[36]  Cormac Herley,et al.  Evaluating a trial deployment of password re-use for phishing prevention , 2007, eCrime '07.

[37]  George A. Akerlof,et al.  The Market for “Lemons”: Quality Uncertainty and the Market Mechanism , 1970 .

[38]  Stefan Savage,et al.  An inquiry into the nature and causes of the wealth of internet miscreants , 2007, CCS '07.

[39]  Tyler Moore,et al.  The Economics of Information Security , 2006, Science.

[40]  J. Rochet,et al.  Externalities and Regulation in Card Payment Systems , 2006 .

[41]  Eric A. Posner,et al.  Holding Internet Service Providers Accountable , 2006, Supreme Court Economic Review.

[42]  Alessandro Acquisti,et al.  Is There a Cost to Privacy Breaches? An Event Study , 2006, WEIS.

[43]  L. Jean Camp,et al.  Pricing Security - A Market in Vulnerabilities , 2004, Economics of Information Security.

[44]  Hal R. Varian,et al.  System Reliability and Free Riding , 2004, Economics of Information Security.

[45]  H. Kunreuther,et al.  Interdependent Security , 2003 .

[46]  Ross J. Anderson Why information security is hard - an economic perspective , 2001, Seventeenth Annual Computer Security Applications Conference.

[47]  William L. Simon,et al.  The Art of Deception: Controlling the Human Element of Security , 2001 .

[48]  M. Angela Sasse,et al.  Users are not the enemy , 1999, CACM.

[49]  Shameek Konar,et al.  Information As Regulation: The Effect of Community Right to Know Laws on Toxic Emissions , 1997 .

[50]  Ross J. Anderson Why cryptosystems fail , 1993, CCS '93.

[51]  Alain Pagès,et al.  System Reliability , 1986 .

[52]  J. Hirshleifer From weakest-link to best-shot: The voluntary provision of public goods , 1983 .