usenix conference policies
Learning from Early Attempts to Measure Information Security Performance
Jing Zhang, University of Michigan; Robin Berthier, University of Illinois at Urbana-Champaign; Will Rhee and Michael Bailey, University of Michigan; Partha Pal, BBN Technologies; Farnam Jahanian, University of Michigan; William H. Sanders, University of Illinois at Urbana-Champaign
The rapid evolution of threat ecosystems and the shifting focus of adversarial actions complicate efforts to assure security of an organization’s computer networks. Efforts to build a rigorous science of security, one consisting of sound and reproducible empirical evaluations, start with measures of these threats, their impacts, and the factors that influence both attackers and victims. In this study, we present a careful examination of the issue of account compromise at two large academic institutions. In particular, we evaluate different hypotheses that capture common perceptions about factors influencing victims (e.g., demographics, location, behavior) and about the effectiveness of mitigation efforts (e.g., policy, education). While we present specific and sometimes surprising results of this analysis at our institutions, our goal is to highlight the need for similar in-depth studies elsewhere.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
title = {Learning from Early Attempts to Measure Information Security Performance},
booktitle = {5th Workshop on Cyber Security Experimentation and Test (CSET 12)},
year = {2012},
address = {Bellevue, WA},
url = {https://www.usenix.org/conference/cset12/workshop-program/presentation/Zhang},
publisher = {USENIX Association},
month = aug
}
connect with us