When Hackers Err: The Impacts of False Positives on Information Security Games

Published Online: https://doi.org/10.1287/deca.2017.0363
