Collective responsibility and mutual coercion in IoT botnets A tragedy of the commons problem

Adaros Boye, Carolina and Kearney, Paul and Josephs, Mark (2018) Collective responsibility and mutual coercion in IoT botnets A tragedy of the commons problem. In: International Workshop on Behavioral Analysis for System Security - BASS 2018, 26 to 28 of July, 2018, Porto. (In Press)

[img]
Preview
Text
Collective_responsibility_and_mutual_coercion_in_IoT_botnets__A_tragedy_of_the_commons_problem_V1.0.pdf

Download (368kB)

Abstract

In recent years, several cases of DDoS attacks using IoT botnets have been reported, including the largest
DDoS known, caused by the malware Mirai in 2016. The infection of the IoT devices could have been
prevented with basic security hygiene, but as the actors responsible to apply these preventative measures are
not the main target but just “enablers” of the attack their incentive is little. In most cases they will even be
unaware of the situation. Internet, as a common and shared space allows also some costs to be absorbed by
the community rather than being a direct consequence suffered by those that behave insecurely. This paper
analyses the long term effects of the prevalence of a system where individual decision-making systematically
causes net harm. An analogy with “the tragedy of the commons” problem is done under the understanding
that rational individuals seek the maximization of their own utility, even when this damages shared resources.
Four areas of solution are proposed based on the review of this problem in different contexts. It was found
necessary to include non-technical solutions and consider human behaviour. This opens a discussion about a
multidisciplinary focus in IoT cyber security.

Item Type: Conference or Workshop Item (Paper)
Subjects: G400 Computer Science
Divisions: Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology > Cyber Security
Faculty of Computing, Engineering and the Built Environment
UoA Collections > REF2021 UoA11: Computer Science and Informatics
Depositing User: Carolina Adaros Boye
Date Deposited: 24 Jul 2018 14:08
Last Modified: 24 Jul 2018 14:08
URI: http://www.open-access.bcu.ac.uk/id/eprint/6156

Actions (login required)

View Item View Item

Research

In this section...