[Swarmfest2005] Paper submission

[Ferraris]

The value of the security

Gianluigi Ferraris - University of Torino - address@hidden
Roberto Marras

The worldwide connection among firms and customers, through the Internet, has 
allowed a large diffusion of the so called "malicious software": programs 
devoted to damage the systems they infect of to steal information. Security has 
become more and more an important topic for the firms management, they have to 
deal with the trade-off between costs related to the countermeasures and loss 
due to the hackers attacks. 

The presented model has been written to become a robust framework where 
security solutions, relative costs and revenues could be experimented in a 
virtual laboratory. This early version is focused on the one of the latest 
virus' type: the "spyware": a program that collect very private information, 
like passwords, credit card number, and so on, to lower the firms' defences and 
give the attacks higher probability to succeed. 

The model, a Swarm based one, has been exploited to investigate the terrible 
power of this kind of virus; the topic research has been devoted to find out 
the existence of a break even point to be used in dealing with the named 
trade-off problem: lot of firms are, actually, investing money to set up 
countermeasures without having the possibility to do a well based 
costs-benefits analysis; they simply follow common rules hardly even based on 
the comparison between the costs of the countermeasures and the saving related 
to avoided damages.