TY - GEN
T1 - An economic analysis of regulating security investments in the Internet
AU - Khouzani, M. H R
AU - Sen, Soumya
AU - Shroff, Ness B.
PY - 2013/9/2
Y1 - 2013/9/2
N2 - Regulating the ISPs to adopt more security measures has been proposed as an effective method in mitigating the threats of attacks in the Internet. However, economic incentives of the ISPs and the network effects of security measures can lead to an under-investment in their adoption. We study the potential gains in a network's social utility when a regulator implements a monitoring and penalizing mechanism on the outbound threat activities of autonomous systems (ASes). We then show how free-riding can render regulations futile if the subset of ASes under the regulator's authority is smaller than a threshold. Finally, we show how heterogeneity of the ASes affect the responses of the ISPs and discuss how the regulator can leverage such information to improve the overall effectiveness of different security policies.
AB - Regulating the ISPs to adopt more security measures has been proposed as an effective method in mitigating the threats of attacks in the Internet. However, economic incentives of the ISPs and the network effects of security measures can lead to an under-investment in their adoption. We study the potential gains in a network's social utility when a regulator implements a monitoring and penalizing mechanism on the outbound threat activities of autonomous systems (ASes). We then show how free-riding can render regulations futile if the subset of ASes under the regulator's authority is smaller than a threshold. Finally, we show how heterogeneity of the ASes affect the responses of the ISPs and discuss how the regulator can leverage such information to improve the overall effectiveness of different security policies.
UR - http://www.scopus.com/inward/record.url?scp=84883121776&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84883121776&partnerID=8YFLogxK
U2 - 10.1109/INFCOM.2013.6566869
DO - 10.1109/INFCOM.2013.6566869
M3 - Conference contribution
AN - SCOPUS:84883121776
SN - 9781467359467
T3 - Proceedings - IEEE INFOCOM
SP - 818
EP - 826
BT - 2013 Proceedings IEEE INFOCOM 2013
T2 - 32nd IEEE Conference on Computer Communications, IEEE INFOCOM 2013
Y2 - 14 April 2013 through 19 April 2013
ER -