National Science Foundation - Computer & Information Science & Engineering (CISE)
WATCH - Security, Cybercrime and Scale

WATCH Series - Cormac Herley - Microsoft Research

March 21, 2013 12:00 PM to March 21, 2013 1:00 PM
NSF Room 110


In a traditional threat model, a user Alice faces an attacker Mallory. Against a sufficiently motivated attacker, Alice must neglect nothing. Assuming that Mallory will keep going until he exhausts his attacks (or succeeds), it is both necessary and sufficient to block all possible attacks. Thus, security is only as good as the weakest link, and so on. While simple, and appropriate in high-assurance settings, we show that this model does not scale and is inappropriate to the financially-motivated cybercrime that targets the masses. It is arithmetically impossible that two billion Internet users face the sufficiently motivated attacker who will stop at nothing. The attackers who prey on Internet users are much more constrained. First, their attacks must be profitable on average: expected gain is greater than expected cost. Second, their attacks must either be scalable, or they must be able to locate viable targets with great accuracy (every failed attack reduces return). Third, they collide: independent attackers compete for the same victims, again reducing the return.

Why does any of this matter? We argue that when we ignore attacker constraints, we make things harder than they need be for defenders, and this is a luxury we can no longer afford. Technology makes possible many attacks that economics shows to be infeasible. When we ignore this we waste effort on the wrong things. We illustrate, with examples, that to reduce the harm experienced by Internet users it is more important to understand the economic constraints of attackers than their technical capabilities.


Cormac Herley is a Principal Researcher at Microsoft Research, where he's been since 1999. His main current interests are data analysis problems, authentication and the economics of information security. He has published widely in signal and image processing, information theory, multimedia, networking and security. He is the inventor on over 70 US patents, and has shipped technologies used by hundreds of millions of users. He received the PhD degree from Columbia University, the MSEE from Georgia Tech, and the BE(Elect) from the National University of Ireland.

To Join the Webinar:

The Webinar will be held from 12:00-1:00pm EDT on March 21, 2013 in Room 110.

To attend virtually, please register at: http://www.tvworldwide.com/events/nsf/130321/

This event is part of Webinars/Webcasts.

Meeting Type

Keith Marzullo, (703) 292-8950, kmarzull@nsf.gov

NSF Related Organizations
Directorate for Computer & Information Science & Engineering
