Computer security is a field that is fundamentally co-dependent--driven to respond by the actions of adversaries. This dance fuels both the research community and a multi-billion-dollar computer security industry. However, to date most efforts have focused on the technical components of this battle: identifying new vulnerabilities, exploits, and attacks, building and deploying new defenses, and so on. In this talk, I will argue for a complementary research agenda based on understanding the economic forces that drive today's Internet attacks, deconstructing the underlying value chain for attackers and ultimately using this information to better focus on security interventions. I will provide a rough sketch of the modern cyber-criminal ecosystem, describe its dependencies, and highlight some of the key open questions that motivate our focus. Using a range of activities, including our own completed studies, work in progress, and work in development, I'll illustrate how many of these questions can be tackled empirically. Finally, I'll discuss the real and significant challenges in conducting this sort of research and in bringing it to appropriate stakeholders.
There is no downloadable version of the slides for this talk available at this time.
About the speaker:
Stefan Savage's research interests lie at the intersection of distributed systems, networking, and computer security, with a current focus on embedded security and the economics of cybercrime. He currently serves as director of UCSD's Center for Network Systems (CNS) and as co-director for the Cooperative Center for Internet Epidemiology and Defenses (CCIED).
Professor of Computer Science
University of California, San Diego
Email: savage (AT) cs.ucsd.edu