10,056 research outputs found

    Economic Factors of Vulnerability Trade and Exploitation

    Full text link
    Cybercrime markets support the development and diffusion of new attack technologies, vulnerability exploits, and malware. Whereas the revenue streams of cyber attackers have been studied multiple times in the literature, no quantitative account currently exists on the economics of attack acquisition and deployment. Yet, this understanding is critical to characterize the production of (traded) exploits, the economy that drives it, and its effects on the overall attack scenario. In this paper we provide an empirical investigation of the economics of vulnerability exploitation, and the effects of market factors on likelihood of exploit. Our data is collected first-handedly from a prominent Russian cybercrime market where the trading of the most active attack tools reported by the security industry happens. Our findings reveal that exploits in the underground are priced similarly or above vulnerabilities in legitimate bug-hunting programs, and that the refresh cycle of exploits is slower than currently often assumed. On the other hand, cybercriminals are becoming faster at introducing selected vulnerabilities, and the market is in clear expansion both in terms of players, traded exploits, and exploit pricing. We then evaluate the effects of these market variables on likelihood of attack realization, and find strong evidence of the correlation between market activity and exploit deployment. We discuss implications on vulnerability metrics, economics, and exploit measurement.Comment: 17 pages, 11 figures, 14 table

    The Diversity and Dynamics of Industrial Organisation: Transformation of Local Assemblers in the Vietnamese Motorcycle Industry

    Get PDF
    This paper focuses on an emerging arm's-length form of industrial organisation in the motorcycle industry, which had traditionally been characterised by tightly integrated form of organisation. By engaging in how this new form of organisation that emerged in China was transferred to Vietnam and evolved in the Vietnamese context, this paper seeks to illustrate how the rise of local firms in developing countries is driving the increased diversity and dynamics of industrial organisation in an industry that had previously been dominated by TNCs from developed countries.Motorcycles, industrial organisation, motorcycle industry, Asia, China, Vietnam

    Lubricant Social Marketing - Lessons Learned

    Get PDF
    With the most and longest experience social marketing lubricants, PSI is clearly the leader and within PSI is where the lessons learned primarily lie. The findings in this report come from the few PSI and Non-PSI lubricant social marketing projects implemented (or to be implemented) in Bolivia, Cote d'Ivoire, Romania, the Philippines, Nigeria, Laos, Bombay India, Myanmar, Papua New Guinea, and Central America and some projects distributing lubricants free of charge in Jamaica, India, South Africa, Hong Kong, and Chad. Most countries were very cooperative with sharing their lessons, however, with changes in project leadership valuable details of corporate memory have been lost. Even with PSI's pioneering in lubricants, in the midst of all the condom marketing, lubricants are a peripheral product. This report also examines the notion that "a condom is only as good as the lubricant.

    Moving from Data-Constrained to Data-Enabled Research: Experiences and Challenges in Collecting, Validating and Analyzing Large-Scale e-Commerce Data

    Get PDF
    Widespread e-commerce activity on the Internet has led to new opportunities to collect vast amounts of micro-level market and nonmarket data. In this paper we share our experiences in collecting, validating, storing and analyzing large Internet-based data sets in the area of online auctions, music file sharing and online retailer pricing. We demonstrate how such data can advance knowledge by facilitating sharper and more extensive tests of existing theories and by offering observational underpinnings for the development of new theories. Just as experimental economics pushed the frontiers of economic thought by enabling the testing of numerous theories of economic behavior in the environment of a controlled laboratory, we believe that observing, often over extended periods of time, real-world agents participating in market and nonmarket activity on the Internet can lead us to develop and test a variety of new theories. Internet data gathering is not controlled experimentation. We cannot randomly assign participants to treatments or determine event orderings. Internet data gathering does offer potentially large data sets with repeated observation of individual choices and action. In addition, the automated data collection holds promise for greatly reduced cost per observation. Our methods rely on technological advances in automated data collection agents. Significant challenges remain in developing appropriate sampling techniques integrating data from heterogeneous sources in a variety of formats, constructing generalizable processes and understanding legal constraints. Despite these challenges, the early evidence from those who have harvested and analyzed large amounts of e-commerce data points toward a significant leap in our ability to understand the functioning of electronic commerce.Comment: Published at http://dx.doi.org/10.1214/088342306000000231 in the Statistical Science (http://www.imstat.org/sts/) by the Institute of Mathematical Statistics (http://www.imstat.org

    Unveiling the power of selling spare-parts as a happy-meal

    Get PDF
    Companies selling industrial machines are seeing a shift where profits are moving from new sales, towards retrieving revenue throughout the whole customer life cycle. Instead of selling new machines, the companies in the industry need to look towards what is referred to as “the aftermarket”. The aftermarket is the part of the market where spare-parts and maintenance services are sold to existing customers. This part of the market is growing rapidly, and the competition on capturing market shares of the after-market have been increasing. Manufacturers of industrial machines need to capture market shares from the aftermarket, which currently is under the pressure of increased competition. Today, spare-parts can be sold either separately, or in combination with maintenance services. However, the first alternative is tedious for the customers, and the other alternative is not applicable for all customer segments. A third alternative, namely putting spare-parts together in bundles or “spare-part-kits” is also possible, but its potential has not been investigated until today. Investigate how a company can become a more attractive supplier of spare-parts by offering the parts in spare-part-kits. 1. Who are the stakeholders involved in the purchase of spare-parts? 2. Why is the concept of spare-part-kits relevant to suppliers of spare-parts? 3. What should be considered when implementing spare-part-kits? This thesis uses a holistic perspective to the problem, aiming to investigate how spare-part- kits would affect the organization as a whole. This is done by investigating the different parts of the organization relevant for the study by adopting a systems view to the problem, outlining the work by taking support in the Business Model Canvas. Spare-part-kits have the potential of increasing customer satisfaction and therefore also the potential of increasing sales of spare-parts. Spare- part-kits can reduce the time spent on ordering, handling and administrating spare-parts, improving communication internally between the stakeholders within the customer company. From a supplier’s point of view could spare-part- kits increase the customers trust towards the supplier and provide the customer with the ability to evaluate the process of ordering spare- parts.BACKGROUND Companies that are selling industrial machines are seeing a shift where their profits are moving away from new sales, towards retrieving revenue throughout the whole customer life cycle. Instead of selling new machines, the companies in the industry need to look towards what is referred to as “the aftermarket”. The aftermarket is the part of the market where spare-parts and maintenance services are sold to existing customers. This part of the market is growing rapidly, and the competition on capturing market shares of the after-market have been also been increasing. PROBLEMATIZATION AND PURPOSE Manufacturers of industrial machines need to capture market shares from the aftermarket, which, as stated earlier, is currently under the pressure of increased competition. Today, spare-parts can be sold either separately, or in combination with maintenance services. However, the first alternative is tedious for the customers, and the other alternative is not applicable for all customer segments. A third alternative, putting spare-parts together in bundles, “service-kits”, is possible, but its potential has not been investigated until today why the purpose of the thesis is to: “Investigate how a company can become a more attractive supplier of spare-parts by offering the parts in service-kits” METHODOLOGY This thesis uses a holistic perspective to the problem, aiming to investigate how service-kits would affect the organization as a whole. This is done by investigating the different parts of the organization relevant for the study by adopting a systems view to the problem, outlining the work by taking support in the Business Model Canvas (BMC). The BMC is a framework developed by Alexander Osterwalder and Yves Pigneur in 2010 that identifies nine generic building blocks needed to consider when setting up a successful business model. CONCLUSIONS Service-kits have the potential to increase customer satisfaction and therefore also the potential of increasing spare-parts business as a whole. Service-kits can reduce the time spent on ordering, handling and administrating spare-parts as well as improve communication internally between the stakeholders within the customer company. This since the kits aggregates a large number of spare-parts into one single convenient package instead of multiple. Looking at the concept from a supplier’s point of view could service-kits help increase the customers trust towards the supplier and provide the customer with an improved ability to evaluate the process of ordering spare-parts

    Enabling Micro-level Demand-Side Grid Flexiblity in Resource Constrained Environments

    Full text link
    The increased penetration of uncertain and variable renewable energy presents various resource and operational electric grid challenges. Micro-level (household and small commercial) demand-side grid flexibility could be a cost-effective strategy to integrate high penetrations of wind and solar energy, but literature and field deployments exploring the necessary information and communication technologies (ICTs) are scant. This paper presents an exploratory framework for enabling information driven grid flexibility through the Internet of Things (IoT), and a proof-of-concept wireless sensor gateway (FlexBox) to collect the necessary parameters for adequately monitoring and actuating the micro-level demand-side. In the summer of 2015, thirty sensor gateways were deployed in the city of Managua (Nicaragua) to develop a baseline for a near future small-scale demand response pilot implementation. FlexBox field data has begun shedding light on relationships between ambient temperature and load energy consumption, load and building envelope energy efficiency challenges, latency communication network challenges, and opportunities to engage existing demand-side user behavioral patterns. Information driven grid flexibility strategies present great opportunity to develop new technologies, system architectures, and implementation approaches that can easily scale across regions, incomes, and levels of development

    The politics of innovation: why innovations need a godfather

    Get PDF
    Innovation is closely linked to the development of technology. Hence it is often assumed that when an innovation fails it is the technology that is at fault. While this may be true in many instances, there are occasions when it is not the technology that is at fault, rather, it is managerial and organisational aspects that cause problems and lead to failure. Studies have shown that individuals who take on specific roles can play an important part in avoiding these problems. These roles include the technological gatekeeper, the product champion and the sponsor/coach. In addition to these roles, this paper argues that there is another, namely that of godfather. With this role a highly respected, senior figure within an organisation provides support that is critical in ensuring the project overcomes the hurdles that lie in the path of any major new development. The nature of the godfather role is explored through three case studies. These provide examples of the role and show how it can facilitate the innovation process

    Diffusion of mobile phones in Portugal: unexpected success?

    Get PDF
    This paper begins with a somewhat paradoxical situation: Portugal is one of the less innovative countries within the European Union by most innovation indicators but, simultaneously, it is a leading country in the diffusion of mobile phones. The remarkable evolution of the mobile telecommunications sector over the last 15 years turns the issue a little more intriguing. This paper addresses the diffusion of mobile phones in Portugal and focuses particularly on the take-off stage, which signalled a sudden change in the pattern of diffusion. The introduction of an innovation – prepaid cards – explains most of the change in the diffusion curve occurred around 1996 and the subsequent increase in the penetration rate. Prior known research has not considered pre-paid cards an important determinant of mobile phone diffusion, but pre-paid services had an enormous impact on the rate of adoption of mobile phones in many countries and it is the major take-off determinant of mobile phone diffusion in Portugal. The time lag between the launching of this innovation in Portugal and its adoption by other EU countries explains why Portugal not just caught up with the EU average mobile phone penetration rate around 1996, but moved ahead of it from then on
    corecore