[Swarmfest2005] abstract submission

[Gianluigi Ferraris]

The value of the security
Gianluigi Ferraris – University of Turin – address@hidden
Roberto Marras

The worldwide connection among firm and customers, through the Internet, has
allowed a large diffusion of the so called malicious software: programs that
are devoted to damage the system they infect or to steal information.
Security has become more and more an important topic from the firms
management: they have to deal with the trade-off between cost of the
countermeasures and costs related to the hackers attacks.

The presented model has been written to become a robust framework where
security solutions and related costs and revenues could be experimented in a
virtual laboratory. This early version is focused on the role of a relative
new type of virus the so called “spyware”: a program that collect reserved
and important information, like passwords and so on. Its action may lower
the firms defences and give the attacks an high probability to succeed.

The model, a swarm based one, has been exploited to investigate the very
high power this kind of virus could express, trying also to find out the
existence of a sort of break even point to be used in dealing with the named
trade-off between security investment and avoided damages. The virus
awareness has revealed, into the simulation, to be able to save a lot of
losses related to the damages the successful attacks have provoked.

A lot of future work will be done in relaxing some initial assumptions and
enriching the model, to provide a very general structure to be used in
investigating security and connectivity related problems.


Il  contenuto  e  gli allegati  di questo  messaggio  sono  strettamente
confidenziali,  e ne sono vietati la diffusione e l'uso non autorizzato.

Le  opinioni  ivi  eventualmente  espresse sono  quelle  dell'autore: di
conseguenza  il  messaggio  non  costituisce  impegno  contrattuale  tra
Sanpaolo  IMI  ed  il  destinatario,   e  la  banca  non  assume  alcuna
responsabilita' riguardo ai contenuti del testo e dei relativi allegati,
ne' per eventuali intercettazioni, modifiche o danneggiamenti. 
 
Qualora il presente messaggio Le fosse pervenuto per errore,  Le saremmo
grati  se lo  distruggesse e,  via e-mail,  ce ne comunicasse  l' errata
ricezione all'indirizzo address@hidden


This e-mail (and any attachment(s)) is strictly confidential and for use
only by intended recipient(s).  Any opinions therein expressed are those
of the author.  Therefore  its content  doesn't represent any commitment
between   Sanpaolo IMI  and  the  recipient(s)   and   no  liability  or
responsibility  is  accepted  by  Sanpaolo IMI  for  the above mentioned
content.

Sanpaolo IMI S.p.A. is a Bank authorised by Banca d'Italia; Sanpaolo IMI 
S.p.A., London Branch, is regulated by the Financial Services  Authority
for the conduct of investment business in the UK.

If    you   are   not   an   intended   recipient(s),    please   notify
address@hidden promptly and destroy this message.