Economic Incentives to Increase Security in the Internet: the Case for Insurance Marc Lelarge (INRIA-ENS) Jean Bolot (SPRINT) IEEE INFOCOM, Rio 2009.

Slides:



Advertisements
Similar presentations
Optimal Contracts under Adverse Selection
Advertisements

Information Economics Consider the following variants on the game of poker: The Certainty Game – 5 cards dealt face up so that all players can see them.
A Local Mean Field Analysis of Security Investments in Networks Marc Lelarge (INRIA-ENS) Jean Bolot (SPRINT) NetEcon 2008.
1 Cyber Insurance and IT Security Investment: Impact of Interdependent Risk Hulisi Ogut, UT-Dallas Srinivasan Raghunathan, UT-Dallas Nirup Menon, UT-Dallas.
University of the Aegean, Greece Modelling and Economics of IT Risk Management and Insurance Stefanos Gritzalis Costas Lambrinoudakis Dept. of Information.
C REDIT RATIONING IN DEVELOPING COUNTRIES : AN OVERVIEW OF THE THEORY Parikshit ghosh Dilip mookherjee Debraj ray.
REGULATION: A THEORETICAL FRAMEWORK. OBJECTIVES: 4 Justify the existence of banking regulation 4 Consider banking regulation within the theory of regulation.
Economic Analysis for Business Session XVIII: Public Goods and Common Resources Instructor Sandeep Basnyat
Network Security: an Economic Perspective Marc Lelarge (INRIA-ENS) currently visiting STANFORD TRUST seminar, Berkeley 2011.
Fall 2008 Version Professor Dan C. Jones FINA 4355 Class Problem.
Moral hazard and contracts
Geoffrey Heal Graduate School of Business Columbia University Howard Kunreuther Center for Risk Management.
Contracts and Mechanism Design What Contracts Accomplish Moral Hazard Adverse Selection (if time: Signaling)
© 2009 Pearson Education Canada 20/1 Chapter 20 Asymmetric Information and Market Behaviour.
Slide 1  2002 South-Western Publishing An assumption of pure competition was complete knowledge of all market information. But knowledge can be unevenly.
Competitive Cyber-Insurance and Network Security Nikhil Shetty Galina Schwartz Mark Felegyhazi Jean Walrand EECS, UC-BerkeleyWEIS 2009 Presentation.
Health Insurance October 19, 2006 Insurance is defined as a means of protecting against risk. Risk is a state in which multiple outcomes are possible and.
 Summary: The government protects the ownership of resources, such as land, personal possessions, physical assets, and intellectual property Examples:
Geoffrey Heal Graduate School of Business Columbia University Howard Kunreuther Center for Risk Management.
Competitive Cyber-Insurance and Network Security Nikhil Shetty Galina Schwartz Mark Felegyhazi Jean Walrand EECS, UC-BerkeleyTRUST 2009 Presentation.
L25 Asymmetric Information. Structure of the course 1) Consumers choice 2) Equilibrium, Producers (Pareto efficiency) 3) Market Failures - fixed cost:
317_L15, Feb 8, 2008, J. Schaafsma 1 Review of the Last Lecture began our discussion of why there is a demand for health insurance basic reason => people.
Chapter 9 THE ECONOMICS OF INFORMATION Copyright ©2002 by South-Western, a division of Thomson Learning. All rights reserved. MICROECONOMIC THEORY BASIC.
Efficient Portfolios MGT 4850 Spring 2008 University of Lethbridge.
Chapter 14: Government and Market Failure
Economics of Malware: Epidemic Risk Model, Network Externalities and Incentives. Marc Lelarge (INRIA-ENS) WEIS, University College London, June 2009.
Health Economics & Policy 3 rd Edition James W. Henderson Chapter 6 The Market for Health Insurance.
Consultancy.
Game Theory “A little knowledge is a dangerous thing. So is a lot.” - Albert Einstein Topic 7 Information.
2 H i g h e r E d u c a t i o n © Oxford University Press, All rights reserved. Chapter 5: Economic theory 2: Insurance Barr: Economics of the Welfare.
Principal - Agent Games. Sometimes asymmetric information develops after a contract has been signed In this case, signaling and screening do not help,
Chapter 37 Asymmetric Information. Information in Competitive Markets In purely competitive markets all agents are fully informed about traded commodities.
© Cumming & Johan (2013)Agency Problems Cumming & Johan (2013, Chapter 2) 1.
L25 Asymmetric Information. Road map 1) Consumers choice 2) Equilibrium, Producers (Pareto efficiency) 3) Market Failures - fixed cost: monopoly and oligopoly.
The Moral Hazard Problem Stefan P. Schleicher University of Graz
Health Economics & Policy 2 nd Edition James W. Henderson Chapter 5 The Market for Health Insurance Copyright 2002, South-Western, a division of Thomson.
Incentives and Organization and Regulation Managerial Economics Jack Wu.
Asymmetric Information
Copyright © 2002 Pearson Education, Inc. Slide 12-1 Table 12.1 Financial Intermediaries in the United States.
Markets and Government CHAPTER 13 © 2016 CENGAGE LEARNING. ALL RIGHTS RESERVED. MAY NOT BE COPIED, SCANNED, OR DUPLICATED, IN WHOLE OR IN PART, EXCEPT.
Consumer Choice With Uncertainty Part II: Examples Agenda: 1.The Used Car Game 2.Insurance & The Death Spiral 3.The Market for Information 4.The Price.
© 2006 McGraw-Hill Ryerson Limited. All rights reserved.1 Chapter 14: Market Failures and Government Policy Prepared by: Kevin Richter, Douglas College.
© 2010 W. W. Norton & Company, Inc. 37 Asymmetric Information.
Asymmetric Information
MIS An Economic Analysis of Software Market with Risk-Sharing Contract Byung Cho Kim Pei-Yu Chen Tridas Mukhopadhyay Tepper School of Business Carnegie.
WH A T A R E B A N K S A N D WH A T D O T H E Y D O? The Meaning of Banking The provision of deposit and loan products normally differentiate banks from.
Contracting The incentives of the employer (principal) and employee (agent) are different. A contract is designed to implement an outcome both parties.
Lecture 6 Uncertainty. Cost of Risk Agents are said to be risk averse if they prefer the expected payoff from a gamble to the gamble itself.
The Economics of Information and Choice Under Uncertainty.
Chapter 3 Review Free Enterprise Economics. 1 In a free enterprise economy, how is the following question answered. What goods will be produced? Producers.
1 Extra Topics. 2 Economics of Information Thus far we have assumed all economic entities have perfect information when making decisions - this is obviously.
Chapter Thirty-Six Asymmetric Information. Information in Competitive Markets u In purely competitive markets all agents are fully informed about traded.
Consumer Choice With Uncertainty Part II: Examples
Consumer Choice With Uncertainty Part II: Examples
Chapter 8 An Economic Analysis of Financial Structure
THE ECONOMICS OF INFORMATION
Asymmetric Information
Asymmetric Information
Asymmetric Information
Lecture 8 Asymmetric Information: Adverse Selection
Asymmetric Information
Fundamentals of Banking
Chapter 8 An Economic Analysis of Financial Structure
An Economic Analysis of Financial Structure
An Economic Analysis of Financial Structure
Asymmetric Information
An Economic Analysis of Financial Structure
Asymmetric Information
Fundamentals of Banking
Presentation transcript:

Economic Incentives to Increase Security in the Internet: the Case for Insurance Marc Lelarge (INRIA-ENS) Jean Bolot (SPRINT) IEEE INFOCOM, Rio 2009.

Bot Networks What are botnets used for? Access your online banking information Route illegal activities through your computer so that it looks like it is coming from you Store illegal files on your computer systems Send vast amounts of spam to other users See what you are doing on your computer Attack other computer systems in conjunction with other compromised systems…

Symantec Internet Security Threat Report Symantec observed: an average of 61,940 active bot- infected computers per day (…) and 5,060,187 distinct bot-infected computers (over a period of one semester).

Bot herder directly infects agents N with probability p. Each neighbor is contaminated with a probability of contagion depending on its state. (1) Epidemic Model Bot herder N S

(1) Economic Model for the agents Each agent faces a potential loss. Investment in security has a fixed cost and reduces the probability of loss. Binary choice: – in state N, the probability of loss is. – in state S, the probability of loss is. Optimal strategy is S if

(1) Solving a market failure? Epidemic risk model allows to compute price of anarchy: agents under-invest in all cases! Free rider problem and/or Critical mass problem. Varian (02), Kunreuther & Heal (03), L & B (08) Designing incentives for user behavior. Internalizing network externalities through cyber-insurance?

(2) A framework to study insurance Principal-Agent Model: the Principal (Insurer) proposes the contract and the Agent just has to accept or reject the contract. The Principal is risk-neutral (can diversify the risks) and the Agent exhibits risk-aversion. An insurance contract is a couple of a premium and a benefit: insurer offers a contract (p[S],b[S]) to agents in state S and (p[S]+x,b[S]-y) to agents in state N.

(2) Example: Full coverage Utility Wealth

(2) Optimal risk sharing under asymmetric information Asymmetric information : adverse selection and moral hazard. If the insurer observes the level of protection of the agent: optimal risk sharing requires that the insurer perfectly ensures the agent. If the insurer cannot observe the level of protection of the agent, trade-off between risk sharing and incentives.

(3) Analysis of two cases (i)No moral hazard and full coverage. b[s]= -p[s]; x=y>0. (ii) Moral hazard and any contract. x=y=0. Results: -In cases (i) and (ii), insurance is not an incentive for protection (competitive insurance market or monopolistic insurer).

(3) Insurance as a good incentive If there is no moral hazard, there exists t such that in a competitive insurance market where the premium loading is forced to exceed t, then insurance is an incentive to protection. Implementing a tax for individuals not investing in protection could enable an insurance market. If there is no moral hazard, a social insurer is a good incentive.

To take away: Improving technical defenses is not enough! We need to find the proper economic incentives to deploy them. Moral hazard problem is a barrier for insurance and requires technical solutions: monitoring, estimating damages, security metrics. How to evolve the Internet to help insurers do a better job?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.