mailing list archives
Re: Country of Origin for Malicious Attacks
From: sgorman1 () gmu edu
Date: Fri, 27 Jun 2003 08:59:09 -0400
"I'd be interested in knowing how linking aggregated attack information to country of origin is actually valuable
relative to our ability to respond to it."
The simulations we have been running are at the AS level, but country level information is useful for running some of
the scenarios we are interested in. Currently we have been starting attacks on the AS graph from randomly selected
networks, but thought it would be interesting to start attacks from frequent bad actors. The country level part comes
in since we are doing this from an economic/policy perspective. If you are going to invest money in cybersecurity what
are the most important networks to protect. If there needs to be cross country cooperation, which countries are the
most important to get to sign on. Still not sure how effective of a way this is to look at the problem, but it is one
of the scenarios we are running through along with market forces, best practices, insurance, liability etc etc.
If anyone is intersted we'll be posting the general approach and models on the xxx.lanl.gov site in the next day or so.
I can post the link if folks are intersted, any feedback would be greatly appreciated.