A STYLE OF GROWTH OF COMPUTER AND INTERNET SECURITY BREACHES IN SRI LANKA

Background

This paper represents the views towards the Computer & internet Security Breaches . Internet Security Breaches has Become the Trend in Modern Society .For this study I Refer the “An analysis of the Growth of Computer and Internet Security Breaches” As the Base Article regarding the Analyze of the Computer & internet security breaches.

Methods

This paper surveys recent literature and in the field of Cyber crime, intending to find out the computer & internet security breaches . In order to gather primary data it is expected to use the Questioner.

Results

In this paper, researchers find that recent literature and the objectives of analysis computer & internet security breaches, and limitation of the cyber crime. and finally analyze the A style of growth of computer & internet Security breaches.

Discussion and Conclusion

This exploratory study investigates the usefulness of the budgets, limitation of the budgets and how to enhance the usefulness of the budgets.

Key words

Computer and Internet security breaches, diffusion model, bad innovation, types of crimes, growth patterns of crimes

Chapter 1 Introduction

1.1 Introduction

In the recent past it is very common to hear Cyber crime issues and breaches relating to the Internet Security among world. Cyber crime appears to have become a serious problem at internet security. Internet security can be breached by the way of hacking, Stolen laptop/computer, Passwords compromised, Theft by insider/employee, Missing back-up tape. Cyber crime can be done collectively or individually. There has been much discussion about the impact of new technologies on internet security breaches.

1.2 Background of the study

Information security “breaches” take many forms. These include lost or misplaced disks or backup tapes, stolen laptops and cell phones, hacked data, improperly secured websites, data lost or stolen in transit, information taken by rogue employees, misdirected mail, and many other forms. California data suggest that most are accidents, rather than the result of deliberate attacks, and many are not so much “breaches” as incidents in which data may — or may not — have been compromised. Most of these incidents do not involve the Internet or other digital technologies. In fact, many involve lost or misplaced information or equipment, rather than theft.

Breaches occur in a wide variety of settings,

Including many industry sectors, government agencies, universities, and the not-for-profit community.

It appears that only a small percentage of breaches actually involve any harmful use of data. There are many reasons for this, including:

Many incidents described as information security breaches involve no effort to misuse data at all. Data may be lost, rather than stolen, or obtained incidental to the theft of some other valuable commodity and discarded or destroyed without ever being accessed (for example, a laptop that is stolen for the value of the machine and immediately wiped clean so that it can be used by someone else).

Not all attempted misuses are successful; industry efforts to detect and block fraudulent charges and illicit access to accounts are highly successful. The financial services industry, for example, intercepts and blocks many fraudulent credit card charges.

Even the portion of those efforts to misuse personal information that are successful usually result in no financial or physical harm to consumers. The most recent data available indicates that 67% of victims of identity-based frauds report suffering no economic loss and paying no out-of-pocket expenses. The costs were usually paid by businesses, andultimately by all consumers.pe

Information security breaches are among the least common ways that personal information falls into the wrong hands. In 2005, for the half of victims of identity-based frauds who reported knowing from where their information had been obtained, the most common source of personal information, by a factor of two to one over any other category, was “lost or stolen wallet, checkbook or credit card.”5 Family members and relatives along with friends and neighbors make up half of all known identity thieves.6 Consumers often end up unwittingly providing thieves with access to sensitive data by failing to secure their own data, by responding to fraud schemes, such as phishing and pharming, and by careless use of their personal information.

Security Breaches (2005)

1.3 Objective of the study

Overall Objective

The overall objective of the study is to evaluate the A style of growth of computer and internet security breaches in Sri Lanka.

Specific Aims

To Find out the existing internet security breaches among listed companies in Sri Lanka.
To Find out the relationship between Internet Security Breaches and Growth of computer among business.

Chapter 2 Literature Review

2.1 Summary of the base article

This study uses to analyze the growth rates of different types of computer and Internet-related crimes. The Security Breaches is an appropriate diffusion because it is capable of modeling two opposite behaviors: (1) acts of attacks and imitation of attacks and (2) deterrence acts to prevent such attacks. . This study was used to analyze various types of attacks. The results indicated that growth patterns of computer and Internet crimes differ in growth patterns and that a relationship exists between occurrences of such security breaches and uses of certain security technologies. Thus, for example, financial fraud and denial of service are growing at a faster pace. The study also found, for example, that an increase in virus-related incidents does not necessarily increase anti-virus software use.

2.2 Literature Regarding the Topic

Computer and Internet-related crimes show no signs of abatement. A 2003 survey conducted by the CSI/FBI reports that 75% of surveyed firms and agencies detected computer security breaches and acknowledged financial losses as a result of computer breaches [Power, 2003]. CERT/CC [2003] reports computer security vulnerabilities nearly doubled in 2002 with 2437 separate holes reported in 2001 and 4129 reported in 2002. Following the same trends, the number of reported incidents also increased significantly with 52,658 documented in 2001 and 82,694 in 2002. Through the continual monitoring of hundreds of Fortune 1000 companies, Riptech found that general Internet attack trends are showing a 64% annual rate of growth .

Neumann [1999] states that costs of cyber crime are difficult to measure; however, these costsare reasonably substantial and growing rapidly. Garg et al. [2003] attempted to quantify the financial impact of IT security breaches by using event-study methodology. They came to the same conclusion: IT breaches are extremely costly. Lukasik [2000] claims that cyber crime costs are essentially doubling each year. The problem becomes even more complicated when oneconsiders that these crimes are underreported. Ullman and Ferrera, [1998] mention that, according to FBI estimates, only 17 percent of computer crimes are reported to government authorities.

Previous studies that focused on computer or information systems security issues lack empirical results on how different these security breaches are from one another and what their growth patterns are. Such empirical studies are important because some attacks enormously and rapidly disrupt the Internet infrastructure for a length of time, thus resulting in millions of dollars in losses. For example, the “Code Red Worm” virus infected more than 250,000 systems around the globe in nine hours on July 19, 2001, and its estimated total global economic impact was as much as $2.6 billion [Householder et al., 2002].

The growth of computer and Internet security breaches can be studied from an innovation diffusion perspective [Rogers, 2003]. Innovation diffusion literature is usually concerned with good innovations and thus biased towards good innovations. The study of bad innovations such as security attacks can alert readers to the fact that innovations are not always good and what actions need to be taken to prevent such bad innovations. The present study uses the concept of bad innovations by using the modified Gompertz model [Pitcher et al., 1978] which is capable of capturing attack incidences as well as deterrent activities. Based on past experiences, it can be inferred that not all attacks deserve the same attention and not all attacks may show the same type of growth rate. It is important to know how these various crime rates are growing. This question needs to be investigated empirically. Although estimation with a sparse set of data at an earlier stage of growth is challenging, past studies proved it to be useful. In this paper, we focus on different types of attacks, how these evolved, whether different types of attacks evolved similarly, and how deterrence effects are working.

The study is preliminary in nature for a number of reasons. Literature is almost non-existent on this topic. Data on different types of security breaches are sparse [Power, 2002]. One of the most referenced studies of security breaches, the CSI/FBI computer crime and security survey by Richard Power, contains only a few years of recent data [1996-2002]. Modeling such security breaches during the early stages of data availability is difficult but extremely critical. Analysis withsparse data is, however, not uncommon in research literature. For example, marketing literature reports the forecasting of sales of new products with as few as five years of data [Mahajan and Peterson, 1985]. The dynamic behavior of hundreds of good innovations shows similar characteristics during the early phases of growth as observed across many types of products [Bass, 1969; Mahajan et al., 1985; Jepson, 1976]. Previous works on forecasting from early data

with a small number of data points include Lawton and Lawton [1979], Tigert and Farivar [1981], Kalish and Lilien [1986], Wright, Uprichard and Lewis [1997]. Lilien et al. [1981] and Dalal et al. [1998] updated parameter estimates for a new product by using data on similar products or expert judgment in a Bayesian framework. Sultan et al.[1990] used meta-analysis-based prior information with a few data points on a new product to obtain more robust posterior estimates.

In the absence of prior information and data on Internet attacks, we use traditional diffusionmodels. Previous research reports that the shape of sales curves of many innovative products during the growth phase is similar [Mahajan et al., 1985]. Sales of new products in the earlyphases tend to grow extremely rapidly. This high growth rate tends to decrease over time andfinally the diffusion matures and tapers off, as newer technologies replace older ones. Previous research also found that while exponential or logistic curves are adequate for modeling purposes in the growth phase, they are not adequate to model many innovations at an earlier stage. A small error at an early stage can result in a large effect on later time period forecasts [Martino, 1972].

Modified Gompertz curves, such as the General Sales Growth Curve [Lieb Associates, 2001], are reported which describe the data well and yield good curve fitting and forecasting of new innovations in the early growth phases [Jepson, 1976; Lakhani, 1979]. The Gompertz curve could be a good fit for innovations which rapidly increase in the beginning and then taper off slowly. The point of inflection of the growth curve occurs at 33% of total potential diffusion. Such a model isused in the present study of bad innovations [Pitcher et al., 1978]. In addition, the model’s explanatory power helps to understand how these attacks are developing and what factors are behind such attacks.

Types of breaches

Some of the important security breaches since 2001 are the results of the following attacks [CERT/CC, 2003]:

· Multiple vulnerabilities in the Internet Software Consortium's Berkeley Internet Name Domain (BIND) server,

· Sadmind/IIS worm (a worm that exploits a vulnerability in Solaris systems and

subsequently installs software to attack Microsoft IIS web servers),

· Code Red worm (a self-propagating malicious code that exploits IIS-enabled systems),

· SirCam worm (a malicious code that spreads through email and potentially through unprotected network shares), and

· Nimda blended threat (a combination of worm, viruses, and other codes that propagates itself via several methods, including email, network shares, or through an infected web

Chapter 3 Research Method

3.1 Data Collection and Methods

Source of data

Researchers are expected to use both primary and secondary data. The primary data will be used to bridge the research gap in the existing literature. The main source of data is the data which collected from questionnaires. Separate questionnaire is designed for the Analyze the style of growth. And a separate questionnaire is designed for the analyze the computer and internet security breaches . Other than that, many academic journals and articles will be used as sources of data.

Collection of data

A separate questionnaire is designed for the analyze the style of growth and analyze the computer and internet security breaches.. In the first section of questionnaire is designed to collect demographic information such as designation, gender, age, Industry and etc. From next part onwards it is being asked the view point of computer crimes.

Besides the information gathered from the questionnaires it is expected to use various documents available in the university web sites as the secondary data source.

3.2 Population & sample

Population of this study contained all listed companies in the sri lanka . The reason for the selection of listed companies in sri lanka for this study is due to the information accessibility. The study sample of 40 participants will be generated by using stratified sampling methods.

3.3 Data Management

The collected data will be fed to the SPSS software which is one of the best soft ware’s to analysis data, especially in quantitative nature. All the questions in the questionnaires are available in SPSS windows with the given answers and will be coded accordingly. All the questionaries’ themselves available reference numbers, therefore the easy access to the information is highly protected. The information feeding process to SPSS is done in highly accurate manner. One person entered data to SPSS, and another person has to recheck the accuracy of data. Third person has confirmed the accuracy of the coding system.

Data Analysis Strategies

Secondary data, which were collected through a comprehensive review of literature as detailed in the literature review of this proposal, analyzed to identify gaps in the existing body of knowledge on the issues pertinent to the research topic. The research gaps identified were used as a basis for reaffirming the relevance of the research problem, developing the research.

Primary data will be collected using questionnaires and analyze quantitatively. It is expected to analysis data by using SPSS software. For all demographic questions it is panned to generate frequency analysis. The factor analysis is also going to be tested. More importantly it is expected to carry out parametric and non- parametric analysis as appropriately to identify the significance relationships in the collected data. Other than that reliability test, t- tests, post hoc tests, regression analysis also going to be tested.

Chapter 4 Data Analysis

Mostly though, previous studies lack empirical results on how different types of attacks grow or provide reliable models of such attack growths. This understanding is important. Some attacks enormously and rapidly disrupt the Internet infrastructure for a length of time, thus resulting in millions of lost dollars. For example, the infamous "Melissa" virus in 1999 infected thousands of computers with rapid speed, causing an estimated $80 million in damages [CCITS, 2002]. The growth process can be studied from an innovation diffusion perspective [Rogers, 1991]. The four main elements in the diffusion process are:

1. the innovation (good or bad),

2. channels of communication,

3. time, and

4. the social system.

Although imitative and deterrence acts constitute the background of any attack scenario, the rates of imitation and deterrence may not be the same. When the rate of instigation increases it may mean an overall increase in deterrence rate as more and more security products will be developed. As these products come onto the market, attackers find ways to bypass these products and refine their attacks, which in turn leads to more refined security products. This cycle of reinforcing attack and deterrence continues.

Secanario1: Relative increase in net instigation rate is related to relative increase in

deterrence rate.

Thus, preventive measures are assumed to be thoroughly outweighed by attacks. Therefore, it is expected that the value of c, the net rate of instigation will be much higher than the value of q, the rate of deterrence or inhibition.

Scenario 2: Values of the net rate of instigation, c, will be much higher than values of q, the rate of inhibition for computer and Internet-related bad innovations, i.e., digital crimes and security breaches.

Although reported computer crimes are of many types, not all of them are equally popular, due to economic, political, technical and a variety of other reasons. At the beginning, hacking was done primarily for intellectual satisfaction, to break a system. In recent times however, financial profit considerations are one of the main reasons for computer crimes.

Scenario 3: Not all computer crimes and security breaches show similar growth rates

Security tools or defensive cyber weapons include encryption, authentication, access controls, firewalls, anti-viral software, audit tools, and intrusion detection systems [Denning, 2000]. Although new security tools are being developed (for example, biometrics and digital IDs) and security technologies are increasingly used by many firms, it is useful to investigate whether and how usage is related to attacks that occur. Thus, denial of service attacks, proprietary information theft, and system penetration attacks should lead to more use of intruder detection software, encryption, and firewalls; virus attacks should lead to more antivirus software use and encryption.

Secanario 4: The more security incidents happen, the more security technologies are used

4a. system penetration attacks should lead to more use of intruder detection software,encryption, and firewalls

4b. denial of service attacks should lead to more use of intruder detection software,

encryption, and firewall

4c. proprietary information theft should lead to more use of intruder detection software,

encryption, and firewalls

4d. virus attacks should lead to more antivirus software use and encryption use.

Table shows the distribution of the respondents who reported attacks by industry sector. The distribution did not change much over the four year period.

Industry sector	%
Manufactring	40
Service	10
Banking	20
Insurance	10
Other	20

Result

The figure captures the fit of the power function of the relationship between q and

c. The function is: q = .089c(2.19) (R2 = .66). An increase in net instigation rate is greater than the corresponding relative increase in inhibition rate. This result is consistent with results obtained from other types of crimes [Pitcher et al., 1978]. The moderate fit and the positive value of c support Proposition 1.

Values of net instigation rate, c, will be much higher than values of inhibition rate,

q, for computer and Internet-related bad innovations, i.e., computer crimes and security breaches. The R2 value from the model fits are high (.80-.99). The values of q and c are

different, for each type of security breach, with values of c much higher than q. When c> q, overall impact of net instigation is more than the inhibition rate and vice versa. The results are again consistent with the results obtained from other types of crimes

Not all computer crimes and security breaches show similar growth rates. The pair of values of q and c, as obtained from each run, is very different for each type of crimes, thus confirming Proposition 3. Of these viruses, financial fraud, and theft of proprietary information are projected to be significant and costly in the near future. Denial of service is rising rapidly. Telecom fraud, active wiretapping, laptop theft, and unauthorized insider access will be lower. By comparison, the rest of the crimes are projected to be at a moderate level of intensity.

Conclusion

Of the four propositions explored in this study, three (Propositions 1-3) were strongly confirmed while the remaining one (Proposition 4) was partially confirmed. In summary, the results of this study led us to conclude that

· Relative increase in net instigation rate is related to relative increase in inhibition rate which implies that the increasing attack incidences will force organizations and governments to come up with means of preventing or reducing them

· For computer and Internet-related attacks (bad innovations), the values of net instigation rate is higher than values of inhibition rate, implying more efforts and resources need to be applied toward inhibiting attacks;

· Different computer crimes and security breaches grow at different rates, which implies that all these crimes should not receive the same level of attention because some crimes are likely to spread more rapidly than others;

· Real world practice does not always follow the common notion that as more attac incidents occur, more security technologies are used. This finding may imply that organizations and governments do not necessarily spend money on security measures in proportion to the frequency of attack incidences. Ninety percent of respondents in the 2002 survey, for example, used anti-virus software; however, at least 10-15% of respondents did not detect any virus, due probably to non-use or ignorance [Power, 2002]. Viruses are among those attack incidents that caused financial losses.

This article is a first attempt to identify the nature of growth of various computer and Internet related crimes, using a sparse set of data. First, a model was selected for bad innovation modeling which can represent both imitative and inhibitive behaviors in attacks. Next, the model was used to derive and compare various types of attack statistics with a sparse set of data

Reference

Arquilla, J. (2001) Networks and Netwars: The Future of Terror, Crime, and Militancy, Santa Monica, CA: RAND Corporation.

Atkins, D.(199 6) Internet Security Professional Reference. Indianapolis, IN: New Riders Pub.

Attrition (2001) http://www.attrition.org/mirror/attrition/stats.html Last consulted 11-27-03.

Bass, F.M. (1969) "A New Product Growth Model for Consumer Durables" Management Science, pp. 215-227.

Bandura, A. (1986) Social Foundations of Thought and Action. Englewood Cliffs, NJ: Prentice- Hall. A CCITS/Infosech Presentation on Internet Security,2002.

CERT/CC Web Site, http://www.cert.org .Last consulted 12-06-03.

Convention on Cybercrime http://conventions.coe.int/Treaty/EN/cadreNews.htm .Last consulted 12-06-03.

Computer Fraud and Abuse Statute, (2002) http://nsi.org/Library/Compsec/cfa.txt .Last consulted 12-06-03.

CTNEWS(2002) http://www.cnetnews.com. Last consulted 11-06-03.

Dalal, S., Ho, Y. and Sherman, R. (1998) “Learning from Experience to Improve Early Forecasts:

A Posterior Mode Approach” In Business and Economic for the 21st Century, Vol. II

Worcester, MA: Business and Economics Society International,. pp. 338-353.

Denning, D.(2000) “Reflections on Cyber weapons Controls” Computer Security Journal, (XVI) 4.

Denning, D. (1998) Information Warfare and Security, Upper Saddle River, NJ: PearsonEducation.

Communications of the Association for Information Systems (Volume12, 2003)684-700 699

Ford, R. (1999) “No Surprises in Melissa Land” Computers and Security, (18), pp. 300-302.

Garg, A., Curtis, J. and Halper, H. (2003) “Quantifying the Financial Impact of IT Security Breaches” Information Management & Security (11)2, pp. 74-83.

Householder, A., Houle, K. and Dougherty, C. (2002) “Computer Attack Trends Challenge

Internet Security, Security and Privacy” Supplement to Computer, IEEE Computer

Society.

Jepson, C., E. I. DuPont de Nemours & Co., Inc,Internal Presentation, 1976.

Kalish, S. and Lilien, G. (1986) “A Market Entry Timing Model for New Technologies”

Management Science, 32 (2), pp. 194-205.

Katz, M. and Shapiro, C. (1986) “Technology Adoption in the Presence of Network Externalities” Journal of Political Economy (94), pp. 822-841.

Krebs, B. (2003). “Good' Worm Fixes Infected Computers” http://www.washingtonpost.com/wpdyn/ articles/A9531-2003Aug18.html. Last consulted 12-06-03.

Lakhani, H. (1979) "Empirical Implications of Mathematical Functions Used to Analyze Market Penetration of New Products" Technological Forecasting and Social Change (15)2, pp. 147-156.

Lawton, S. B. and Lawton, W. H. (1979) “An Autocatalytic Model for the Diffusion of Educational Innovations” Educational Administrative Quarterly, 15 (1), pp. 19-46.

Lukasik, S. J.(2000) “Protecting the Global Information Commons" Telecommu-nication Policy, (24)6-7, pp. 519-531.

Mahajan, V., Muller, E. and Bass, F. M. (1990) "New Product Diffusion Models in Marketing: A Review and Directions for Research" Journal of Marketing, (54), pp. 1-26.

Mahajan, V. and Peterson, R. (1987) “Models for Innovation Diffusion,” Sage University Paper series on Quantitative Applications in the Social Sciences, (2nd Ed.), Beverly Hills: SAGE Publications.

Martino, J. P. (1972) "The Effect of Errors in Estimating the Upper Limit of a Growth Curve" Technological Forecasting and Social Change, (4), pp. 77-84.

McCrohan, K. F. (2003) “Facing the Threats to Electronic Commerce” Journal of Business & Industrial Marketing, 18 (2) , pp. 133-145.

Neumann, P. (1999) “Information System Adversities and Risks” presented at the Conference on International Cooperation to Combat Cyber Crime and Terrorism, Stanford, CA: Hoover Institution, , pp. 1-2, 3. http://www.oas.org/juridico/english/information_system_ adversities_a.htm

Parker, D.B. (1983) Fighting Computer Crime. New York: Scribner's.

Pitcher, B., Hamblin, R. and Miller, J. (1978) “The Diffusion of Collective Violence” American Sociological Review, (43), pp.23-35.

Power, R. (2002) “CSI/FBI Computer Crime and Security Survey” Computer Security Issues and Trends, (8)1, pp. 1-22.

Ratnasingam, P. (2002) “The Important of Technology Trust in Web Services Security”

Information Management & Computer Security, (10)5, pp. 255-260.

Richardson, R. (2003) The 2003 CSI/FBI Computer Crime and Security Survey. San Francisco: Computer Security Institute Inc., pp. 1-20.

Rogers, E. (2003) The Diffusion of Innovation. New York: Free Press.

Smith, A. D. and Rupp, W. T. (2002) “Issues in Cybersecurity: Understanding the Potential Risks Associated with Hackers/Crackers” Information Management & Computer Security, (10)4, pp. 178-183.

Sofaer, A. D. and Goodman, S. (Eds), (2001) The Transnational Dimension of Cyber Crime and Terrorism, Hoover National Security Forum Series, Stanford, CA: Hoover Institution Press.SPSS 11 Syntax Reference Guide, 2003. Chicago IL: SPSS Publication Sales.

Straub, D.W. (1990) “Effective IS Security: An Empirical Study’’ Information Systems Research, (1)3, pp. 255-276.

Straub, D., Carlson, P. and Jones, E. (1993) “Deterring Highly Motivated Computer Abusers: A Field Experiment in Computer Security” Journal of Management Systems (5)1, pp. 33-48.

Straub, D. and Welke , R. (1998) “Coping with Systems Risk: Security Planning Models for Management Decision-Making” MIS Quarterly, (22)4, pp. 441-469.

Sultan, F., Farley, J., and Lehmann, D. (1990) “A Meta-Analysis of Applications of Diffusion Models" Journal of Marketing Research, (27), pp. 70-77.

Tigert, D. and Farivar, B. (1981) “The Bass New Product Growth Model: A Sensitivity Analysis for a High Technology Product”. Journal of Marketing, (45), pp. 81-90.

Ullman, R. and Ferrera, D. (1998) “Crime on the Internet,” Boston Bar Journal, Nov./Dec., no.6. Wright, M. Upritchard, C. and Lewis, T. (1997) “A Validation of the Bass New Product Diffusion Model in New Zealand” Marketing Bulletin, (8), pp. 15-29.

A Style of growth of computer and internet Security Breaches In sri lanka

This questionnaire is only foe the use of information in the Academic Module of Artificial Neural Network Which Coming under the Degree Programme of B.Sc Accounting (Special) Degree Part IV Of the university of Sri Jayewardenepura.

This Questionnaire was design to find out the A style of growth of computer and internet security breaches in sri lankan business. We would be greatful if you could complete the questionnaire below and provide your honest answers. The information only used for the Academic purpose and we ensure the confidentiality of information provided by you

1. Gender Female Male