BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Memento EPFL// BEGIN:VEVENT SUMMARY:IC Colloquium : Network security economics: Understanding incentiv es to improve online security DTSTART:20130307T161500 DTEND:20130307T173000 DTSTAMP:20260407T064043Z UID:b04bdb9a518d0c43ead2377ce8731280a4252138d10d5cc43560cea3 CATEGORIES:Conferences - Seminars DESCRIPTION:Nicolas Christin\, Carnegie Mellon University\nIC faculty cand idate\nAbstract\nWith the rise of financially-motivated computer abuse\, u nderstanding economic incentives of both attackers and targets has become critical to strengthening online security. In this talk\, I will advocate the need for a broad research agenda\, ranging from network measurements a nd analysis to game-theoretic modeling.\nI will first show how empirical n etwork measurements help better design intervention mechanisms against att ackers. Using the online sale of unlicensed pharmaceutical drugs as a case study\, I will describe how longitudinal\, large-scale measurements and a nalysis reveal important structural properties of a priori complex crimina l ecosystems. I will in particular demonstrate the existence of "choke poi nts" both in traffic brokering and product supply\, which should be prime targets for intervention.\nIn addition to disrupting attackers' operations \, improving overall network security also requires users strengthen their defenses -- but which incentives do they have to do so? I will introduce a game-theoretic model that we developed to describe how rational users re spond to security threats in large-scale networks. I will use this model t o show how network effects\, specifically negative network externalities\, strongly influence security decision making. I will conclude by outlining a roadmap for future security research combining measurements\, mathemati cal modeling and behavioral aspects.Biography\nNicolas Christin is the Ass ociate Director of the Information Networking Institute at Carnegie Mellon University\, and a Senior Systems Scientist in CyLab\, Electrical and Com puter Engineering\, and Engineering and Public Policy. He holds a Diplôme d'Ingénieur from École Centrale de Lille\, and M.S. and Ph.D. degrees i n Computer Science from the University of Virginia. After a postdoc in the School of Information at the University of California\, Berkeley\, he joi ned Carnegie Mellon in 2005. He served for three years as resident faculty at CMU CyLab Japan\, before returning to Carnegie Mellon's main campus in 2008. His research is in computer security and networking\, and spans a b road range of interests\, from systems to policy research. He has most rec ently focused on online crime\, security economics\, and behavioral aspect s of computer security. He equally enjoys field measurements and mathemati cal modeling. LOCATION:BC 420 https://plan.epfl.ch/?room==BC%20420 STATUS:CONFIRMED END:VEVENT END:VCALENDAR