Computer security is a field that is fundamentally co-dependent—driven to respond by the actions of adversaries. This dance fuels both the research community and a multibillion-dollar computer security industry. However, to date most efforts have focused on the technical components of this battle: identifying new vulnerabilities, exploits, and attacks, building and deploying new defenses, and so on. In this talk, I will argue for a complementary research agenda based on understanding the economic forces that drive today’s Internet attacks, deconstructing the underlying value chain for attackers and ultimately using this information to better focus on security interventions. I will provide a rough sketch of the modern cyber-criminal ecosystem, describe its dependencies, and highlight some of the key open questions that motivate our focus. Using a range of activities, including our own completed studies, work in progress, and work in development, I’ll illustrate how many of these questions can be tackled empirically. Finally, I’ll discuss the real and significant challenges in conducting this sort of research and in bringing it to appropriate stakeholders.
Reception to follow.
Stefan Savage is a professor of Computer Science and Engineering at the University of California, San Diego. He received his Ph.D. in Computer Science and Engineering from the University of Washington and a B.S. in Applied History from Carnegie Mellon University. Savage’s research interests lie at the intersection of distributed systems, networking, and computer security, with a current focus on embedded security and the economics of cybercrime. He currently serves as director of UCSD’s Center for Network Systems (CNS) and as co-director for the Cooperative Center for Internet Epidemiology and Defenses (CCIED), a joint effort between UCSD and the International Computer Science Institute. Savage is a fairly down-to-earth guy and only writes about himself in the third person when asked.