Business and social evaluation of denial of service attacks of communications networks in view of scaling economic counter-measures
This addresses the need for economic evaluation to inform policy and legal actions against cyberattacks, but it appears incremental as it builds on existing economic models applied to a specific domain.
The paper tackles the problem of assessing the economic and indirect impacts of denial of service attacks on communications networks, providing an analytical method based on time preference dynamics, long-term investments, and usability levels, with a concrete example for a corporate data centre and deployment cases in mobile services.
This paper gives an analytical method to determine the economic and indirect implications of denial of service and distributed denial of service attacks. It is based on time preference dynamics applied to the monetary mass for the restoration of capabilities, on long term investments to rebuild capabilities, and of the usability level of the capabilities after an attack. A simple illustrative example is provided for a denial of service on a corporate data centre. The needed data collection methodologies are categorized by classes of targets. The use of the method is explained in the context of legal or policy driven dissuasive, retaliation or compensation/ restoration actions. A concrete set of deployment cases in mobile communications services is discussed. The conclusion includes policy recommendations as well as information exchange requirements.