A
STYLE OF GROWTH OF COMPUTER AND INTERNET SECURITY BREACHES IN SRI LANKA
Background
This paper represents the
views towards the Computer & internet Security Breaches . Internet Security
Breaches has Become the Trend in Modern Society .For this study I Refer the “An analysis of the Growth of
Computer and Internet Security Breaches” As the Base Article regarding the Analyze of the Computer &
internet security breaches.
Methods
This
paper surveys recent literature and in the field of Cyber crime, intending to
find out the computer & internet security breaches . In order to gather
primary data it is expected to use the Questioner.
Results
In
this paper, researchers find that recent literature and the objectives of
analysis computer & internet security breaches, and limitation of the cyber
crime. and finally analyze the A style of growth of computer & internet
Security breaches.
Discussion
and Conclusion
This
exploratory study investigates the usefulness of the budgets, limitation of the
budgets and how to enhance the usefulness of the budgets.
Key words
Computer and Internet security
breaches, diffusion model, bad innovation, types of crimes, growth patterns of
crimes
Introduction
1.1 Introduction
In
the recent past it is very common to hear Cyber crime issues and breaches
relating to the Internet Security among world. Cyber crime appears to have
become a serious problem at internet security. Internet security can be
breached by the way of hacking, Stolen
laptop/computer, Passwords compromised, Theft by insider/employee, Missing
back-up tape.
Cyber crime can be done collectively or individually. There has been much
discussion about the impact of new technologies on internet security breaches.
1.2 Background of the study
Information
security “breaches” take many forms. These
include lost or misplaced disks or backup tapes, stolen laptops and cell
phones, hacked data, improperly secured websites, data lost or stolen in
transit, information taken by rogue employees, misdirected mail, and many other
forms. California data suggest that most are accidents, rather than the result
of deliberate attacks, and many are not so much “breaches” as incidents in
which data may — or may not — have been compromised. Most of these incidents do
not involve the Internet or other digital technologies. In fact, many involve
lost or misplaced information or equipment, rather than theft.
Breaches occur in a wide variety of settings,
Including many
industry sectors, government agencies, universities, and the not-for-profit community.
It appears that only a small percentage of
breaches actually involve any harmful use of data. There are many
reasons for this, including:
- Many
incidents described as information security breaches involve no effort to
misuse data at all. Data may be lost, rather than stolen, or obtained
incidental to the theft of some other valuable commodity and discarded or
destroyed without ever being accessed (for example, a laptop that is
stolen for the value of the machine and immediately wiped clean so that it
can be used by someone else).
- Not
all attempted misuses are successful; industry efforts to detect and block
fraudulent charges and illicit access to accounts are highly successful.
The financial services industry, for example, intercepts and blocks many
fraudulent credit card charges.
- Even the portion of those efforts to misuse personal information
that are successful usually result in no financial or physical harm to
consumers. The most recent data available indicates that 67% of victims of
identity-based frauds report suffering no economic loss and paying no
out-of-pocket expenses. The costs were usually paid by businesses,
andultimately by all consumers.pe
Information
security breaches are among the least common ways that personal information
falls into the wrong hands. In 2005,
for the half of victims of identity-based frauds who reported knowing
from where their information had been obtained, the most common source of
personal information, by a factor of two to one over any other category,
was “lost or stolen wallet, checkbook or credit card.”5 Family members
and relatives along with friends and neighbors make up half of all known
identity thieves.6 Consumers often end up unwittingly providing thieves with
access to sensitive data by failing to secure their own data, by
responding to fraud schemes, such as phishing and pharming, and by
careless use of their personal information.
s of Security Breaches (2005)
1.3 Objective of the study
Overall Objective
The
overall objective of the study is to evaluate the A style of growth of computer
and internet security breaches in Sri Lanka.
Specific
Aims
- To Find out the existing internet security
breaches among listed companies in Sri Lanka.
- To Find out the relationship between Internet
Security Breaches and Growth of computer among business.
Literature
Review
2.1 Summary of the base article
This study uses to analyze the
growth rates of different types of computer and Internet-related crimes. The
Security Breaches is an appropriate diffusion because it is capable of modeling
two opposite behaviors: (1) acts of attacks and imitation of attacks and (2)
deterrence acts to prevent such attacks. . This study was used to analyze
various types of attacks. The results indicated that growth patterns of
computer and Internet crimes differ in growth patterns and that a relationship
exists between occurrences of such security breaches and uses of certain
security technologies. Thus, for example, financial fraud and denial of service
are growing at a faster pace. The study also found, for example, that an
increase in virus-related incidents does not necessarily increase anti-virus
software use.
2.2 Literature Regarding the Topic
Computer and Internet-related
crimes show no signs of abatement. A 2003 survey conducted by the CSI/FBI
reports that 75% of surveyed firms and agencies detected computer security
breaches and acknowledged financial losses as a result of computer breaches
[Power, 2003]. CERT/CC [2003] reports computer security vulnerabilities nearly
doubled in 2002 with 2437 separate holes reported in 2001 and 4129 reported in
2002. Following the same trends, the number of reported incidents also
increased significantly with 52,658 documented in 2001 and 82,694 in 2002.
Through the continual monitoring of hundreds of Fortune 1000 companies, Riptech
found that general Internet attack trends are showing a 64% annual rate of
growth .
Neumann [1999] states that
costs of cyber crime are difficult to measure; however, these costsare
reasonably substantial and growing rapidly. Garg et al. [2003] attempted to
quantify the financial impact of IT security breaches by using event-study
methodology. They came to the same conclusion: IT breaches are extremely
costly. Lukasik [2000] claims that cyber crime costs are essentially doubling
each year. The problem becomes even more complicated when oneconsiders that
these crimes are underreported. Ullman and Ferrera, [1998] mention that,
according to FBI estimates, only 17 percent of computer crimes are reported to
government authorities.
Previous studies that focused on computer or
information systems security issues lack empirical results on how different
these security breaches are from one another and what their growth patterns
are. Such empirical studies are important because some attacks enormously and
rapidly disrupt the Internet infrastructure for a length of time, thus
resulting in millions of dollars in losses. For example, the “Code Red Worm”
virus infected more than 250,000 systems around the globe in nine hours on July
19, 2001, and its estimated total global economic impact was as much as $2.6
billion [Householder et al., 2002].
The growth of computer and
Internet security breaches can be studied from an innovation diffusion
perspective [Rogers, 2003]. Innovation diffusion literature is usually
concerned with good innovations and thus biased towards good innovations. The
study of bad innovations such as security attacks can alert readers to the fact
that innovations are not always good and what actions need to be taken to
prevent such bad innovations. The present study uses the concept of bad
innovations by using the modified Gompertz model [Pitcher et al., 1978] which
is capable of capturing attack incidences as well as deterrent activities. Based
on past experiences, it can be inferred that not all attacks deserve the same
attention and not all attacks may show the same type of growth rate. It is
important to know how these various crime rates are growing. This question
needs to be investigated empirically. Although estimation with a sparse set of
data at an earlier stage of growth is challenging, past studies proved it to be
useful. In this paper, we focus on different types of attacks, how these
evolved, whether different types of attacks evolved similarly, and how
deterrence effects are working.
The study is preliminary in
nature for a number of reasons. Literature is almost non-existent on this
topic. Data on different types of security breaches are sparse [Power, 2002].
One of the most referenced studies of security breaches, the CSI/FBI computer
crime and security survey by Richard Power, contains only a few years of recent
data [1996-2002]. Modeling such security breaches during the early stages of
data availability is difficult but extremely critical. Analysis withsparse data
is, however, not uncommon in research literature. For example, marketing
literature reports the forecasting of sales of new products with as few as five
years of data [Mahajan and Peterson, 1985]. The dynamic behavior of hundreds of
good innovations shows similar characteristics during the early phases of
growth as observed across many types of products [Bass, 1969; Mahajan et al.,
1985; Jepson, 1976]. Previous works on forecasting from early data
with a small number of data
points include Lawton and Lawton [1979], Tigert and Farivar [1981], Kalish and
Lilien [1986], Wright, Uprichard and Lewis [1997]. Lilien et al. [1981] and
Dalal et al. [1998] updated parameter estimates for a new product by using data
on similar products or expert judgment in a Bayesian framework. Sultan et
al.[1990] used meta-analysis-based prior information with a few data points on
a new product to obtain more robust posterior estimates.
In the absence of prior
information and data on Internet attacks, we use traditional diffusionmodels.
Previous research reports that the shape of sales curves of many innovative
products during the growth phase is similar [Mahajan et al., 1985]. Sales of
new products in the earlyphases tend to grow extremely rapidly. This high
growth rate tends to decrease over time andfinally the diffusion matures and
tapers off, as newer technologies replace older ones. Previous research also
found that while exponential or logistic curves are adequate for modeling
purposes in the growth phase, they are not adequate to model many innovations
at an earlier stage. A small error at an early stage can result in a large
effect on later time period forecasts [Martino, 1972].
Modified Gompertz curves, such
as the General Sales Growth Curve [Lieb Associates, 2001], are reported which
describe the data well and yield good curve fitting and forecasting of new
innovations in the early growth phases [Jepson, 1976; Lakhani, 1979]. The
Gompertz curve could be a good fit for innovations which rapidly increase in
the beginning and then taper off slowly. The point of inflection of the growth
curve occurs at 33% of total potential diffusion. Such a model isused in the
present study of bad innovations [Pitcher et al., 1978]. In addition, the model’s
explanatory power helps to understand how these attacks are developing and what
factors are behind such attacks.
Types of breaches
Some of the important security
breaches since 2001 are the results of the following attacks [CERT/CC, 2003]:
·
Multiple vulnerabilities
in the Internet Software Consortium's Berkeley Internet Name Domain (BIND)
server,
·
Sadmind/IIS
worm (a worm that exploits a vulnerability in Solaris systems and
subsequently installs software to attack
Microsoft IIS web servers),
·
Code Red worm
(a self-propagating malicious code that exploits IIS-enabled systems),
·
SirCam worm
(a malicious code that spreads through email and potentially through unprotected
network shares), and
·
Nimda blended
threat (a combination of worm, viruses, and other codes that propagates itself
via several methods, including email, network shares, or through an infected web
Research Method
3.1 Data
Collection and Methods
Source of data
Researchers
are expected to use both primary and secondary data. The primary data will be
used to bridge the research gap in the existing literature. The main source of
data is the data which collected from questionnaires. Separate questionnaire is
designed for the Analyze the style of growth. And a separate questionnaire is
designed for the analyze the computer and internet security breaches . Other
than that, many academic journals and articles will be used as sources of data.
Collection of data
A
separate questionnaire is designed for the analyze the style of growth and
analyze the computer and internet security breaches.. In the first section of
questionnaire is designed to collect demographic information such as
designation, gender, age, Industry and etc. From next part onwards it is being
asked the view point of computer crimes.
Besides
the information gathered from the questionnaires it is expected to use various documents available in the university web
sites as the secondary data source.
3.2 Population &
sample
Population
of this study contained all listed companies in the sri lanka . The reason for
the selection of listed companies in sri lanka for this study is due to the
information accessibility. The study sample of 40 participants will be
generated by using stratified sampling methods.
3.3 Data Management
The
collected data will be fed to the SPSS software which is one of the best soft
ware’s to analysis data, especially in quantitative nature. All the questions
in the questionnaires are available in SPSS windows with the given answers and
will be coded accordingly. All the questionaries’ themselves available
reference numbers, therefore the easy access to the information is highly
protected. The information feeding process to SPSS is done in highly accurate
manner. One person entered data to SPSS, and another person has to recheck the
accuracy of data. Third person has confirmed the accuracy of the coding system.
Data Analysis Strategies
Secondary data, which were
collected through a comprehensive review of literature as detailed in the
literature review of this proposal, analyzed to identify gaps in the existing
body of knowledge on the issues pertinent to the research topic. The research
gaps identified were used as a basis for reaffirming the relevance of the
research problem, developing the research.
Primary data will be
collected using questionnaires and analyze quantitatively. It is expected to
analysis data by using SPSS software. For all demographic questions it is
panned to generate frequency analysis. The factor analysis is also going to be
tested. More importantly it is expected to carry out parametric and non-
parametric analysis as appropriately to identify the significance relationships
in the collected data. Other than that reliability test, t- tests, post hoc
tests, regression analysis also going to be tested.
Chapter
4 Data Analysis
Mostly though, previous
studies lack empirical results on how different types of attacks grow or
provide reliable models of such attack growths. This understanding is
important. Some attacks enormously and rapidly disrupt the Internet
infrastructure for a length of time, thus resulting in millions of lost
dollars. For example, the infamous "Melissa" virus in 1999 infected
thousands of computers with rapid speed, causing an estimated $80 million in
damages [CCITS, 2002]. The growth process can be studied from an innovation
diffusion perspective [Rogers, 1991]. The four main elements in the diffusion
process are:
1. the innovation (good or
bad),
2. channels of communication,
3. time, and
4. the social system.
Although imitative and
deterrence acts constitute the background of any attack scenario, the rates of
imitation and deterrence may not be the same. When the rate of instigation
increases it may mean an overall increase in deterrence rate as more and more
security products will be developed. As these products come onto the market,
attackers find ways to bypass these products and refine their attacks, which in
turn leads to more refined security products. This cycle of reinforcing attack
and deterrence continues.
Secanario1: Relative increase in net instigation rate is related to relative
increase in
deterrence rate.
Thus, preventive measures are
assumed to be thoroughly outweighed by attacks. Therefore, it is expected that
the value of c, the net rate of instigation will be much higher than the value
of q, the rate of deterrence or inhibition.
Scenario 2: Values of the
net rate of instigation, c, will be much higher than values of q, the rate of
inhibition for computer and Internet-related bad innovations, i.e., digital
crimes and security breaches.
Although reported computer
crimes are of many types, not all of them are equally popular, due to economic,
political, technical and a variety of other reasons. At the beginning, hacking
was done primarily for intellectual satisfaction, to break a system. In recent
times however, financial profit considerations are one of the main reasons for
computer crimes.
Scenario 3: Not all
computer crimes and security breaches show similar growth rates
Security tools or defensive
cyber weapons include encryption, authentication, access controls, firewalls,
anti-viral software, audit tools, and intrusion detection systems [Denning,
2000]. Although new security tools are being developed (for example, biometrics
and digital IDs) and security technologies are increasingly used by many firms,
it is useful to investigate whether and how usage is related to attacks that
occur. Thus, denial of service attacks, proprietary information theft, and
system penetration attacks should lead to more use of intruder detection
software, encryption, and firewalls; virus attacks should lead to more
antivirus software use and encryption.
Secanario 4: The more security incidents happen, the more
security technologies are used
4a. system penetration attacks
should lead to more use of intruder detection software,encryption, and
firewalls
4b. denial of service attacks
should lead to more use of intruder detection software,
encryption, and firewall
4c. proprietary information
theft should lead to more use of intruder detection software,
encryption, and firewalls
4d. virus attacks should lead
to more antivirus software use and encryption use.
Table shows the distribution
of the respondents who reported attacks by industry sector. The distribution did
not change much over the four year period.
.
|
Industry sector |
% |
|
Manufactring |
40 |
|
Service |
10 |
|
Banking |
20 |
|
Insurance |
10 |
|
Other |
20 |
Result
The figure captures the fit of
the power function of the relationship between q and
c. The function is: q =
.089c(2.19) (R2 = .66). An increase in net instigation rate is greater than the
corresponding relative increase in inhibition rate. This result is consistent
with results obtained from other types of crimes [Pitcher et al., 1978]. The
moderate fit and the positive value of c support Proposition 1.
Values of net instigation
rate, c, will be much higher than values of inhibition rate,
q, for computer and
Internet-related bad innovations, i.e., computer crimes and security breaches.
The R2 value from the model fits are high (.80-.99). The values of q and c are
different, for each type of
security breach, with values of c much higher than q. When c> q, overall
impact of net instigation is more than the inhibition rate and vice versa. The
results are again consistent with the results obtained from other types of
crimes
Not all computer crimes and
security breaches show similar growth rates. The pair of values of q and c, as
obtained from each run, is very different for each type of crimes, thus
confirming Proposition 3. Of these viruses, financial fraud, and theft of
proprietary information are projected to be significant and costly in the near
future. Denial of service is rising rapidly. Telecom fraud, active wiretapping,
laptop theft, and unauthorized insider access will be lower. By comparison, the
rest of the crimes are projected to be at a moderate level of intensity.
Conclusion
Of the four propositions
explored in this study, three (Propositions 1-3) were strongly confirmed while
the remaining one (Proposition 4) was partially confirmed. In summary, the
results of this study led us to conclude that
·
Relative
increase in net instigation rate is related to relative increase in inhibition
rate which implies that the increasing attack incidences will force organizations
and governments to come up with means of preventing or reducing them
·
For computer
and Internet-related attacks (bad innovations), the values of net instigation
rate is higher than values of inhibition rate, implying more efforts and resources
need to be applied toward inhibiting attacks;
·
Different
computer crimes and security breaches grow at different rates, which implies that
all these crimes should not receive the same level of attention because some
crimes are likely to spread more rapidly than others;
·
Real world
practice does not always follow the common notion that as more attac incidents
occur, more security technologies are used. This finding may imply that organizations
and governments do not necessarily spend money on security measures in proportion
to the frequency of attack incidences. Ninety percent of respondents in the 2002 survey, for example, used anti-virus
software; however, at least 10-15% of respondents
did not detect any virus, due probably to non-use or ignorance [Power, 2002]. Viruses are among those attack
incidents that caused financial losses.
This article is a first attempt to identify
the nature of growth of various computer and Internet related crimes, using a sparse set of
data. First, a model was selected for bad innovation modeling which can
represent both imitative and inhibitive behaviors in attacks. Next, the model was
used to derive and compare various types of attack statistics with a sparse set
of data
Reference
Arquilla, J. (2001)
Networks and Netwars: The Future of
Terror, Crime, and Militancy, Santa Monica, CA: RAND Corporation.
Atkins, D.(199 6) Internet Security Professional Reference.
Indianapolis, IN: New Riders Pub.
Attrition (2001) http://www.attrition.org/mirror/attrition/stats.html
Last consulted 11-27-03.
Bass, F.M. (1969)
"A New Product Growth Model for Consumer Durables" Management Science, pp. 215-227.
Bandura, A. (1986) Social Foundations of Thought and Action.
Englewood Cliffs, NJ: Prentice- Hall. A CCITS/Infosech Presentation on Internet
Security,2002.
CERT/CC Web Site, http://www.cert.org .Last consulted
12-06-03.
Convention on
Cybercrime http://conventions.coe.int/Treaty/EN/cadreNews.htm
.Last consulted 12-06-03.
Computer Fraud and
Abuse Statute, (2002) http://nsi.org/Library/Compsec/cfa.txt
.Last consulted 12-06-03.
CTNEWS(2002) http://www.cnetnews.com. Last consulted
11-06-03.
Dalal, S., Ho, Y.
and Sherman, R. (1998) “Learning from Experience to Improve Early Forecasts:
A Posterior Mode
Approach” In Business and Economic for the 21st Century, Vol. II
Worcester, MA:
Business and Economics Society International,. pp. 338-353.
Denning, D.(2000)
“Reflections on Cyber weapons Controls” Computer
Security Journal, (XVI) 4.
Denning, D. (1998) Information Warfare and Security, Upper
Saddle River, NJ: PearsonEducation.
Communications of
the Association for Information Systems (Volume12, 2003)684-700 699
Ford, R. (1999) “No
Surprises in Melissa Land” Computers and
Security, (18), pp. 300-302.
Garg, A., Curtis,
J. and Halper, H. (2003) “Quantifying the Financial Impact of IT Security
Breaches” Information Management &
Security (11)2, pp. 74-83.
Householder, A.,
Houle, K. and Dougherty, C. (2002) “Computer Attack Trends Challenge
Internet Security,
Security and Privacy” Supplement to Computer, IEEE Computer
Society.
Jepson, C., E. I. DuPont de Nemours & Co., Inc,Internal
Presentation, 1976.
Kalish, S. and
Lilien, G. (1986) “A Market Entry Timing Model for New Technologies”
Management Science, 32 (2), pp. 194-205.
Katz, M. and
Shapiro, C. (1986) “Technology Adoption in the Presence of Network
Externalities” Journal of Political
Economy (94), pp. 822-841.
Krebs, B. (2003).
“Good' Worm Fixes Infected Computers” http://www.washingtonpost.com/wpdyn/
articles/A9531-2003Aug18.html. Last consulted
12-06-03.
Lakhani, H. (1979)
"Empirical Implications of Mathematical Functions Used to Analyze Market
Penetration of New Products" Technological
Forecasting and Social Change (15)2, pp. 147-156.
Lawton, S. B. and
Lawton, W. H. (1979) “An Autocatalytic Model for the Diffusion of Educational
Innovations” Educational Administrative
Quarterly, 15 (1), pp. 19-46.
Lukasik, S.
J.(2000) “Protecting the Global Information Commons" Telecommu-nication Policy, (24)6-7, pp. 519-531.
Mahajan, V.,
Muller, E. and Bass, F. M. (1990) "New Product Diffusion Models in
Marketing: A Review and Directions for Research" Journal of Marketing, (54), pp. 1-26.
Mahajan, V. and
Peterson, R. (1987) “Models for Innovation Diffusion,” Sage University Paper
series on Quantitative Applications in the Social Sciences, (2nd Ed.), Beverly
Hills: SAGE Publications.
Martino, J. P.
(1972) "The Effect of Errors in Estimating the Upper Limit of a Growth
Curve" Technological Forecasting and
Social Change, (4), pp. 77-84.
McCrohan, K. F.
(2003) “Facing the Threats to Electronic Commerce” Journal of Business & Industrial Marketing, 18 (2) , pp. 133-145.
Neumann, P. (1999)
“Information System Adversities and Risks” presented at the Conference on
International Cooperation to Combat Cyber Crime and Terrorism, Stanford, CA:
Hoover Institution, , pp. 1-2, 3. http://www.oas.org/juridico/english/information_system_
adversities_a.htm
Parker, D.B. (1983)
Fighting Computer Crime. New York:
Scribner's.
Pitcher, B.,
Hamblin, R. and Miller, J. (1978) “The Diffusion of Collective Violence” American Sociological Review, (43),
pp.23-35.
Power, R. (2002)
“CSI/FBI Computer Crime and Security Survey” Computer Security Issues and Trends, (8)1, pp. 1-22.
Ratnasingam, P.
(2002) “The Important of Technology Trust in Web Services Security”
Information Management & Computer Security, (10)5, pp. 255-260.
Richardson, R.
(2003) The 2003 CSI/FBI Computer Crime and Security Survey. San Francisco: Computer Security Institute Inc., pp.
1-20.
Rogers, E. (2003) The Diffusion of Innovation. New York:
Free Press.
Smith, A. D. and
Rupp, W. T. (2002) “Issues in Cybersecurity: Understanding the Potential Risks
Associated with Hackers/Crackers” Information
Management & Computer Security, (10)4, pp. 178-183.
Sofaer, A. D. and
Goodman, S. (Eds), (2001) The
Transnational Dimension of Cyber Crime and Terrorism, Hoover National
Security Forum Series, Stanford, CA: Hoover
Institution Press.SPSS 11 Syntax Reference Guide, 2003.
Chicago IL: SPSS Publication Sales.
Straub, D.W. (1990)
“Effective IS Security: An Empirical Study’’ Information Systems Research, (1)3, pp. 255-276.
Straub, D.,
Carlson, P. and Jones, E. (1993) “Deterring Highly Motivated Computer Abusers:
A Field Experiment in Computer Security” Journal
of Management Systems (5)1, pp. 33-48.
Straub, D. and
Welke , R. (1998) “Coping with Systems Risk: Security Planning Models for Management
Decision-Making” MIS Quarterly,
(22)4, pp. 441-469.
Sultan, F., Farley,
J., and Lehmann, D. (1990) “A Meta-Analysis of Applications of Diffusion Models"
Journal of Marketing Research, (27),
pp. 70-77.
Tigert, D. and
Farivar, B. (1981) “The Bass New Product Growth Model: A Sensitivity Analysis
for a High Technology Product”. Journal
of Marketing, (45), pp. 81-90.
Ullman, R. and
Ferrera, D. (1998) “Crime on the Internet,” Boston
Bar Journal, Nov./Dec., no.6. Wright, M. Upritchard, C. and Lewis, T.
(1997) “A Validation of the Bass New Product Diffusion Model in New Zealand” Marketing Bulletin, (8), pp. 15-29.
