Affiliation:
1. Massachusetts Institute of Technology, Cambridge, USA
Abstract
Cyber attacks are increasingly menacing businesses. Based on the literature review and publicly available reports, this article conducts an extensive and consistent survey of the services used by the cybercrime business, organized using the value chain perspective, to understand cyber attack in a systematic way. Understanding the specialization, commercialization, and cooperation for cyber attacks helps us to identify 24 key value-added activities and their relations. These can be offered “as a service” for use in a cyber attack. This framework helps to understand the cybercriminal service ecosystem and hacking innovations. Finally, a few examples are provided showing how this framework can help to build a more cyber immune system, like targeting cybercrime control-points and assigning defense responsibilities to encourage collaboration.
Funder
Cybersecurity at MIT Sloan
National Natural Science Foundation of China
Publisher
Association for Computing Machinery (ACM)
Subject
General Computer Science,Theoretical Computer Science
Reference159 articles.
1. ABC NEWS. 2008. Bad economy helping Web scammers recruit mules. Retrieved from http://abcnews.go.com/Technology/story?id&equal;6428943. ABC NEWS. 2008. Bad economy helping Web scammers recruit mules. Retrieved from http://abcnews.go.com/Technology/story?id&equal;6428943.
2. SoK: Lessons Learned from Android Security Research for Appified Software Platforms
3. Software vulnerability markets: Discoverers and buyers. Int. J. Comput., Electr., Automat., Control Info;Algarni Abdullah M.;Eng.,2014
4. Under the Shadow of Sunshine: Understanding and Detecting Bulletproof Hosting on Legitimate Service Provider Networks
Cited by
68 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献