Deterrence of Cyber Attackers in a Three-Player Behavioral Game

This study describes a three-player cyber security game involving an attacker, a defender, and a user. An attacker must choose to attack the defender or the user or to forego an attack altogether. Conversely, defender (e.g., system administrator) and user (e.g., individual system user) must choose between either a “standard” or “enhanced” security level. Deterrence is operationalized as a decision by an attacker to forego an attack. We conducted two behavioral experiments in which players were assigned to the cyber attacker role over multiple rounds of a security game and were incentivized based on their performance. The defender and user’s decisions were based on a joint probability distribution over their two options known to the attacker. Coordination between the defender and user is manipulated via the joint probability distribution. Results indicate that attacker deterrence is influenced by coordination between defender and user.

[1]  Clement Guitton,et al.  Criminals and Cyber Attacks: The Missing Link between Attribution and Deterrence , 2012 .

[2]  J. Gibbs Crime, punishment, and deterrence , 1975 .

[3]  Shari Lawrence Pfleeger,et al.  Leveraging behavioral science to mitigate cyber security risk , 2012, Comput. Secur..

[4]  A. Tversky,et al.  Choices, Values, and Frames , 2000 .

[5]  Jian Hua,et al.  How Can We Deter Cyber Terrorism? , 2012, Inf. Secur. J. A Glob. Perspect..

[6]  R. Dacey,et al.  Perception of randomness and predicting uncertain events , 2008 .

[7]  Hattie M. Jones,et al.  The Restrictive Deterrent Effect of Warning Messages on the Behavior of Computer System Trespassers , 2014 .

[8]  Charles R. Tittle,et al.  Crime Rates and Legal Sanctions , 1969 .

[9]  A. Tversky,et al.  BELIEF IN THE LAW OF SMALL NUMBERS , 1971, Pediatrics.

[10]  R. Sharma Peeping into a Hacker's Mind: Can Criminological Theories Explain Hacking? , 2007 .

[11]  Michel Cukier,et al.  RESTRICTIVE DETERRENT EFFECTS OF A WARNING BANNER IN AN ATTACKED COMPUTER SYSTEM , 2014 .

[12]  P. Todd,et al.  Expectations of clumpy resources influence predictions of sequential events , 2011 .

[13]  Richard Barber Hackers Profiled — Who Are They and What Are Their Motivations? , 2001 .

[14]  Paul K. Huth DETERRENCE AND INTERNATIONAL CONFLICT: Empirical Findings and Theoretical Debates , 1999 .

[15]  Tony Lingham,et al.  How Hackers Think: A Study of Cybersecurity Experts and Their Mental Models , 2013 .

[16]  Donn B. Parker,et al.  Fighting computer crime - a new framework for protecting information , 1998 .

[17]  Peter Hoath,et al.  Hacking: Motivation and deterrence, part II , 1998 .

[18]  Charles H. Logan,et al.  General Deterrent Effects of Imprisonment , 1972 .

[19]  Siew H. Chan,et al.  An Empirical Investigation Of Hacking Behavior , 2011, BIS 2011.

[20]  Andreas Wilke,et al.  The hot hand phenomenon as a cognitive adaptation to clumped resources , 2009 .

[21]  Brent Wible A Site Where Hackers Are Welcome: Using Hack-In Contests To Shape Preferences and Deter Computer Crime , 2003 .

[22]  Theodore Wilson Restrictive deterrence and the severity of hackers' attacks on compromised computer systems , 2014 .

[23]  Qing Hu,et al.  Future directions for behavioral information security research , 2013, Comput. Secur..

[24]  C. Whytock,et al.  Who Won Libya? The Force-Diplomacy Debate and Its Implications for Theory and Policy , 2006, International Security.