Modeling the Economic Incentives of DDoS Attacks: Femtocell Case Study

  • Vicente Segura
  • Javier Lahuerta
Conference paper


Many of the Internet security incidents are caused by agents which act moved by economic incentives. When that is the case, it is possible to model at tacker's incentives by applying economics principles and, if we can collect appropriate data, we can use the model to have a better understanding of the risk imposed by these threats. This paper presents a simple model that represents the economic incentives for launching DDoS attacks against a specific telecommunications service. In addition, some data has been collected in order to quantify some of the variables of the model. Finally, some simulations have been performed to have a better knowledge of the risk of suffering this kind of attacks and propose solutions to mitigate it.


Economic Incentive Mobile Operator Business Case Telecommunication Service Annual Revenue 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    BETFAIR: Annual Report (2004). 5-year-financial-summary.htmlGoogle Scholar
  2. 2.
    Brydon A., Heath M.: Femtocells in the consumer market: business case and marketing plan. Analysis Research (2007)Google Scholar
  3. 3.
    BWIN: Annual Report (2004).Google Scholar
  4. 4.
    Femtoforum: Femtoforum newsletter February (2009). http://www.femtoforum. org/newsletters/newsletter04/index.htmlGoogle Scholar
  5. 5.
    Franklin, J., Paxson, V., Perrig, A., Savage, S.: An inquiry into the nature and causes of the wealth of Internet miscreants. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS), pp. 375–388. ACM Press, New York (2007)Google Scholar
  6. 6.
    Ford, R., Gordon, S.: Cent, five cent, ten cent, dollar: Hitting spyware where it teally hurt$. In: Proceedings of the New Security Paradigms Workshop (NSPW), pp. 3–10. ACM Press, New York (2006)Google Scholar
  7. 7.
    Friess N., Aycock J.: Black market botnets. In: MIT Spam Conference. Cambridge, MA (2008)Google Scholar
  8. 8.
    IDG News Service: Super Bowl fuels gambling sites’ extortion fears. IT World, 28 January (2004). Scholar
  9. 9.
    Ilett, D.: Expert: Online extortion growing more common. CNET, 8 October (2004). 2100-7349_3-5403162.htmlGoogle Scholar
  10. 10.
    Li, Z., Liao, Q., Striegel, A.: Botnet economics: Uncertainty matters. In: M.E. Johnson (ed.) Managing Information Risk and the Economics of Security, pp. 245–267. Springer, New York (2008)Google Scholar
  11. 11.
    Pappalardo, D., Messmer, E.: Extortion via DDoS on the rise. Computerworld, 15 May (2005). networking/story/0,10801,101761,00.htmlGoogle Scholar
  12. 12.
    Schneier, B.: Does risk management make any sense? (2008). http://www.schneier. com/blog/archives/2008/10/does_risk_manag.htmlGoogle Scholar
  13. 13.
    Symantec: Symantec Internet Security Threat Report XIII (2008).Google Scholar
  14. 14.
    UNIBET: Annual Report (2004). corporate/templates/KeyFigureList.aspx?id=113Google Scholar

Copyright information

© Springer Science+Business Media, LLC 2010

Authors and Affiliations

  1. 1.Department of Network and Services SecurityTelefonica I+D  

Personalised recommendations