Hacking back: Optimal use of self-defense in cyberspace
Should the law permit hackback? How should the law on self-defense in cyberspace be designed? In this paper, we use game-theoretic analysis to develop criteria that determine whether police enforcement, litigation, or hackback is best, and under what circumstances. Our model suggests that the law sh...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | text |
| Published: |
Animo Repository
2009
|
| Subjects: | |
| Online Access: | https://animorepository.dlsu.edu.ph/faculty_research/7981 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | De La Salle University |
| Summary: | Should the law permit hackback? How should the law on self-defense in cyberspace be designed? In this paper, we use game-theoretic analysis to develop criteria that determine whether police enforcement, litigation, or hackback is best, and under what circumstances. Our model suggests that the law should permit hackback only if: (1) other alternatives, such as police enforcement and resort to courts, would be ineffective; (2) there is a serious prospect of hitting the hacker instead of innocent third parties; and (3) the damages that can be potentially mitigated to the defender's systems outweigh the potential damages to third parties. The law should require that counterstrikers use only force that is necessary to avoid damage to their own systems. Also, proper liability rules will induce counterstrikers to internalize the damages of third parties in their decision-making. Finally, better intrusion detection systems (IDS) and traceback technology improve the deterrent effect and efficacy of hackback. |
|---|