Figure 1 - uploaded by Sergio Pastrana
Model overview. 

Source publication
Article
Nowadays, both the number of cyberattacks and their sophistication have considerably increased, and their prevention is a concern for most organizations. Cooperation by means of information sharing is a promising strategy to address this problem, but unfortunately it poses many challenges. Indeed, looking for a win-win environment is not straigh...

Citations

... For over forty years, economists have analyzed information sharing between organizations, most of the time with the involvement of proxies (e.g., trade associations). About twenty years ago, these "old" models were taken up by security economics when information security emerged as a new application domain for economic reasoning (Garrido-Pelaz, Gonzalez-Manzano, & Pastrana, 2016). Today, extensive scientific literature confirms that SIS among human agents who operate information systems is conducive for improving the cybersecurity of these systems. ...
Chapter
Empirical studies have analyzed the incentive mechanisms that support security information sharing between human agents, a key activity for critical infrastructure protection. However, recent research shows that most Information Sharing and Analysis Centers – the most common institution organizing security information sharing – do not perform at Pareto optimal level, even when properly regulated. Using a meso-level of analysis, we close an important research gap by presenting a theoretical framework that links institutional economics and security information sharing. We illustrate this framework with a dataset collected through an online questionnaire addressed to all critical infrastructures (N=262) operating at the Swiss Reporting and Analysis Centre for Information Security (MELANI). Using descriptive statistics, we investigate how institutional rules offer human agents an institutional freedom to self-design an efficient security information sharing artifact. Our results show that a properly designed artifact can positively reinforce human agents to share security information and find the right balance between three governance models: A) public–private partnership, B) private or C) government-based. Overall, our work lends support to a better institutional design of security information sharing and the formulation of policies that can avoid non-cooperative and free-riding behaviors that plague the cybersecurity public-good.
Article
Blocklists constitute a widely-used Internet security mechanism to filter undesired network traffic based on IP/domain reputation and behavior. Many blocklists are distributed in open source form by threat intelligence providers who aggregate and process input from their own sensors, but also from third-party feeds or providers. Despite their wide adoption, many open-source blocklist providers lack clear documentation about their structure, curation process, contents, dynamics, and inter-relationships with other providers. In this paper, we perform a transparency and content analysis of 2,093 free and open source blocklists with the aim of exploring those questions. To that end, we perform a longitudinal 6-month crawling campaign yielding more than 13.5M unique records. This allows us to shed light on their nature, dynamics, inter-provider relationships, and transparency. Specifically, we discuss how the lack of consensus on distribution formats, blocklist labeling taxonomy, content focus, and temporal dynamics creates a complex ecosystem that complicates their combined crawling, aggregation and use. We also provide observations regarding their generally low overlap as well as acute differences in terms of liveness (i.e., how frequently records get indexed and removed from the list) and the lack of documentation about their data collection processes, nature and intended purpose. We conclude the paper with recommendations in terms of transparency, accountability, and standardization.
Conference Paper
Data sharing among partners---users, companies, organizations---is crucial for the advancement of collaborative machine learning in many domains such as healthcare, finance, and security. Sharing through secure computation and other means allows these partners to perform privacy-preserving computations on their private data in controlled ways. However, in reality, there exist complex relationships among members (partners). Politics, regulations, interest, trust, data demands and needs prevent members from sharing their complete data. Thus, there is a need for a mechanism to meet these conflicting relationships on data sharing. This paper presents Curie, an approach to exchange data among members who have complex relationships. A novel policy language, CPL, that allows members to define the specifications of data exchange requirements is introduced. With CPL, members can easily assert who and what to exchange through their local policies and negotiate a global sharing agreement. The agreement is implemented in a distributed privacy-preserving model that guarantees sharing among members will comply with the policy as negotiated. The use of Curie is validated through an example healthcare application built on recently introduced secure multi-party computation and differential privacy frameworks, and policy and performance trade-offs are explored.