Differential effects of prior experience on the malware resolution process

Seung Hyun Kim, Byung Cho Kim

Research output: Contribution to journalArticle

6 Citations (Scopus)

Abstract

Despite growing interest in the economic and policy aspects of information security, little academic research has used field data to examine the development process of a security countermeasure provider. In this paper, we empirically examine the learning process a security software developer undergoes in resolving a malware problem. Using the data collected from a leading antivirus software company in Asia, we study the differential effects of experience on the malware resolution process. Our findings reveal that general knowledge from cross-family experience has greater impact than specific knowledge from within-family experience on performance in the malware resolution process. We also examine the factors that drive the differential effects of prior experience. Interestingly, our data show that cross-family experience is more effective than withinfamily experience in malware resolution when malware targets the general public than when a specific victim is targeted. Similar results-for example, the higher (lower) effect of cross-family (within-family) experience-were observed in the presence of information sharing among software vendors or during a disruption caused by a catastrophe. Our study contributes to a better understanding of the specific expertise required for security countermeasure providers to be able to respond under varying conditions to fast-evolving malware.

Original languageEnglish
Pages (from-to)655-678
Number of pages24
JournalMIS Quarterly: Management Information Systems
Volume38
Issue number3
DOIs
Publication statusPublished - 2014 Sep 1

Fingerprint

Security of data
Malware
Economics
Software
Industry
Countermeasures
Vendors
Learning process
Information sharing
Information security
Developer
Catastrophe
Development process
Disruption
Expertise
Asia
Academic research
Factors

All Science Journal Classification (ASJC) codes

  • Management Information Systems
  • Information Systems
  • Computer Science Applications
  • Information Systems and Management

Cite this

@article{27be17cd07db46aabcbcbc2bb717598f,
title = "Differential effects of prior experience on the malware resolution process",
abstract = "Despite growing interest in the economic and policy aspects of information security, little academic research has used field data to examine the development process of a security countermeasure provider. In this paper, we empirically examine the learning process a security software developer undergoes in resolving a malware problem. Using the data collected from a leading antivirus software company in Asia, we study the differential effects of experience on the malware resolution process. Our findings reveal that general knowledge from cross-family experience has greater impact than specific knowledge from within-family experience on performance in the malware resolution process. We also examine the factors that drive the differential effects of prior experience. Interestingly, our data show that cross-family experience is more effective than withinfamily experience in malware resolution when malware targets the general public than when a specific victim is targeted. Similar results-for example, the higher (lower) effect of cross-family (within-family) experience-were observed in the presence of information sharing among software vendors or during a disruption caused by a catastrophe. Our study contributes to a better understanding of the specific expertise required for security countermeasure providers to be able to respond under varying conditions to fast-evolving malware.",
author = "Kim, {Seung Hyun} and Kim, {Byung Cho}",
year = "2014",
month = "9",
day = "1",
doi = "10.25300/MISQ/2014/38.3.02",
language = "English",
volume = "38",
pages = "655--678",
journal = "MIS Quarterly: Management Information Systems",
issn = "0276-7783",
publisher = "Management Information Systems Research Center",
number = "3",

}

Differential effects of prior experience on the malware resolution process. / Kim, Seung Hyun; Kim, Byung Cho.

In: MIS Quarterly: Management Information Systems, Vol. 38, No. 3, 01.09.2014, p. 655-678.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Differential effects of prior experience on the malware resolution process

AU - Kim, Seung Hyun

AU - Kim, Byung Cho

PY - 2014/9/1

Y1 - 2014/9/1

N2 - Despite growing interest in the economic and policy aspects of information security, little academic research has used field data to examine the development process of a security countermeasure provider. In this paper, we empirically examine the learning process a security software developer undergoes in resolving a malware problem. Using the data collected from a leading antivirus software company in Asia, we study the differential effects of experience on the malware resolution process. Our findings reveal that general knowledge from cross-family experience has greater impact than specific knowledge from within-family experience on performance in the malware resolution process. We also examine the factors that drive the differential effects of prior experience. Interestingly, our data show that cross-family experience is more effective than withinfamily experience in malware resolution when malware targets the general public than when a specific victim is targeted. Similar results-for example, the higher (lower) effect of cross-family (within-family) experience-were observed in the presence of information sharing among software vendors or during a disruption caused by a catastrophe. Our study contributes to a better understanding of the specific expertise required for security countermeasure providers to be able to respond under varying conditions to fast-evolving malware.

AB - Despite growing interest in the economic and policy aspects of information security, little academic research has used field data to examine the development process of a security countermeasure provider. In this paper, we empirically examine the learning process a security software developer undergoes in resolving a malware problem. Using the data collected from a leading antivirus software company in Asia, we study the differential effects of experience on the malware resolution process. Our findings reveal that general knowledge from cross-family experience has greater impact than specific knowledge from within-family experience on performance in the malware resolution process. We also examine the factors that drive the differential effects of prior experience. Interestingly, our data show that cross-family experience is more effective than withinfamily experience in malware resolution when malware targets the general public than when a specific victim is targeted. Similar results-for example, the higher (lower) effect of cross-family (within-family) experience-were observed in the presence of information sharing among software vendors or during a disruption caused by a catastrophe. Our study contributes to a better understanding of the specific expertise required for security countermeasure providers to be able to respond under varying conditions to fast-evolving malware.

UR - http://www.scopus.com/inward/record.url?scp=84944902500&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84944902500&partnerID=8YFLogxK

U2 - 10.25300/MISQ/2014/38.3.02

DO - 10.25300/MISQ/2014/38.3.02

M3 - Article

AN - SCOPUS:84944902500

VL - 38

SP - 655

EP - 678

JO - MIS Quarterly: Management Information Systems

JF - MIS Quarterly: Management Information Systems

SN - 0276-7783

IS - 3

ER -