Cybercrime deterrence and international legislation: Evidence from distributed denial of service attacks

Kai Lung Hui, Seung Hyun Kim, Qiu Hong Wang

Research output: Contribution to journalArticle

12 Citations (Scopus)

Abstract

In this paper, we estimate the impact of enforcing the Convention on Cybercrime (COC) on deterring distributed denial of service (DDOS) attacks. Our data set comprises a sample of real, random spoof-source DDOS attacks recorded in 106 countries in 177 days in the period 2004-2008. We find that enforcing the COC decreases DDOS attacks by at least 11.8 percent, but a similar deterrence effect does not exist if the enforcing countries make a reservation on international cooperation. We also find evidence of network and displacement effects in COC enforcement. Our findings imply attackers in cyberspace are rational, motivated by economic incentives, and strategic in choosing attack targets. We draw related implications.

Original languageEnglish
Pages (from-to)497-523
Number of pages27
JournalMIS Quarterly: Management Information Systems
Volume41
Issue number2
DOIs
Publication statusPublished - 2017 Jun

Fingerprint

International cooperation
Economics
Legislation
Deterrence
Attack
Cybercrime
Denial
Denial-of-service attack
Enforcement
Economic incentives
Cyberspace
Reservation

All Science Journal Classification (ASJC) codes

  • Management Information Systems
  • Information Systems
  • Computer Science Applications
  • Information Systems and Management

Cite this

@article{cb06f63adf984e8a92a56feb0e4c630e,
title = "Cybercrime deterrence and international legislation: Evidence from distributed denial of service attacks",
abstract = "In this paper, we estimate the impact of enforcing the Convention on Cybercrime (COC) on deterring distributed denial of service (DDOS) attacks. Our data set comprises a sample of real, random spoof-source DDOS attacks recorded in 106 countries in 177 days in the period 2004-2008. We find that enforcing the COC decreases DDOS attacks by at least 11.8 percent, but a similar deterrence effect does not exist if the enforcing countries make a reservation on international cooperation. We also find evidence of network and displacement effects in COC enforcement. Our findings imply attackers in cyberspace are rational, motivated by economic incentives, and strategic in choosing attack targets. We draw related implications.",
author = "Hui, {Kai Lung} and Kim, {Seung Hyun} and Wang, {Qiu Hong}",
year = "2017",
month = "6",
doi = "10.25300/MISQ/2017/41.2.08",
language = "English",
volume = "41",
pages = "497--523",
journal = "MIS Quarterly: Management Information Systems",
issn = "0276-7783",
publisher = "Management Information Systems Research Center",
number = "2",

}

Cybercrime deterrence and international legislation : Evidence from distributed denial of service attacks. / Hui, Kai Lung; Kim, Seung Hyun; Wang, Qiu Hong.

In: MIS Quarterly: Management Information Systems, Vol. 41, No. 2, 06.2017, p. 497-523.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Cybercrime deterrence and international legislation

T2 - Evidence from distributed denial of service attacks

AU - Hui, Kai Lung

AU - Kim, Seung Hyun

AU - Wang, Qiu Hong

PY - 2017/6

Y1 - 2017/6

N2 - In this paper, we estimate the impact of enforcing the Convention on Cybercrime (COC) on deterring distributed denial of service (DDOS) attacks. Our data set comprises a sample of real, random spoof-source DDOS attacks recorded in 106 countries in 177 days in the period 2004-2008. We find that enforcing the COC decreases DDOS attacks by at least 11.8 percent, but a similar deterrence effect does not exist if the enforcing countries make a reservation on international cooperation. We also find evidence of network and displacement effects in COC enforcement. Our findings imply attackers in cyberspace are rational, motivated by economic incentives, and strategic in choosing attack targets. We draw related implications.

AB - In this paper, we estimate the impact of enforcing the Convention on Cybercrime (COC) on deterring distributed denial of service (DDOS) attacks. Our data set comprises a sample of real, random spoof-source DDOS attacks recorded in 106 countries in 177 days in the period 2004-2008. We find that enforcing the COC decreases DDOS attacks by at least 11.8 percent, but a similar deterrence effect does not exist if the enforcing countries make a reservation on international cooperation. We also find evidence of network and displacement effects in COC enforcement. Our findings imply attackers in cyberspace are rational, motivated by economic incentives, and strategic in choosing attack targets. We draw related implications.

UR - http://www.scopus.com/inward/record.url?scp=85019841677&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85019841677&partnerID=8YFLogxK

U2 - 10.25300/MISQ/2017/41.2.08

DO - 10.25300/MISQ/2017/41.2.08

M3 - Article

AN - SCOPUS:85019841677

VL - 41

SP - 497

EP - 523

JO - MIS Quarterly: Management Information Systems

JF - MIS Quarterly: Management Information Systems

SN - 0276-7783

IS - 2

ER -