Configuration of Intrusion Detection Systems: A Comparison of Decision and Game Theoretic Approaches

Intrusion detection systems (IDSs) have become a core component of a firm’s IT security architecture. While IDSs enable real time detection of intrusions, a common criticism has been the frequency of false alarms, which undermines their effectiveness. A fundamental problem with IDSs for intrusion detection is achieving the optimal balance between detection rate and false positive and false negative rates. Many firms use decision theoretic approaches to deal with the IDS configuration problem. While decision theoretic approaches are appropriate for configuring many types of machine learning and classification software that suffer from false positive and false negative errors, we argue that decision theoretic approaches have fundamental limitations for configuring IDSs. Decision theoretic approaches are based on the presumption that configuration does not influence the behavior of hackers. Game theoretic approaches recognize the fact that hackers do modify their strategies in response to firms’ actions. In this paper, we compare the decision and game theoretic approaches to the IDS configuration problem when firms are faced with strategic hackers. We find that under most circumstances firms incur lower costs when they use game theory as opposed to decision theory because decision theory approach frequently either over- or under-configures the IDS. However, firms incur the same or lower cost under decision theory approach compared to the game theory approach if configurations under decision theory and game theory are sufficiently close. A limitation of the game theory approach is that it requires user specific utility parameters, which are difficult to estimate. Decision theory, in contrast to game theory, requires the attack probability estimate, which is more easily obtained

Privacy Controls and Disclosure Behavior

We examine the relationship among privacy controls, dynamic content-sharing activities, and disclosure patterns of Facebook users based on the exogenous policy change in December 2009 that introduced granular privacy controls. Using a unique large panel dataset, we empirically assess the short-run and long-run effects of the change on wall posting and private messaging and the resulting disclosure patterns based on these sharing activities. Results show that Facebook users, on average, increase use of wall posts and decrease use of private messages after the introduction of granular privacy controls. Also, users’ disclosure patterns change to reflect the increased openness in content sharing. These effects are realized immediately and over time. To the best of our knowledge, this is the first study that relies on observational data to assess the impact of a major privacy change on dynamic content-sharing activities and the resulting disclosure patterns of Facebook users

The Effect of Customers’ Emotion on Service Recovery Strategy in IT Service Failures

IT service support staff that deals with customer service inquiries online plays a key role in ensuring customer satisfaction and shaping customer experience. In reaction to service failures customers may exhibit some emotions that may influence service support staff’s response. Without a face-to-face interaction with customers, service support cannot detect the emotional signals sent out from customers. Instead service providers must rely on the content of email or online form received to detect any emotional cues. Using data from an issues tracking system, we will empirically test (i) the effect of customer’s emotion encoded in text content on service support staff’s response and (ii) the effect of service recovery strategy on customer’s sentiment on service quality when the service is recovered. Thus, the study will enrich our knowledge in the relationship between customer emotion and service recovery strategy in the context of IT service support

Two-sided Adverse Selection and Bilateral Reviews in the Sharing Economy

Online peer-to-peer platforms match service providers with consumers. Both providers and consumers derive heterogeneous payoffs depending on whom they are matched with. To ensure that providers and consumers identify the most valuable matches, many of these platforms elicit relevant information from and also disclose the information to the market participants by adopting bilateral review schemes. Although the bilateral review scheme has its own merits in reducing information asymmetry and possibly enabling better matches, its impact on the various stakeholders in online peer-to-peer platforms remains unexplored. We show that, in equilibrium, the bilateral review scheme intensifies price competition among service providers to attract low-cost consumers and consequently reduces the platform\u27s profit. Interestingly, service providers may be better off with more intense price competition and lower prices when the proportion of low-cost consumers is sufficiently high. More importantly, we find that social welfare is not always higher under the bilateral review scheme compared to either the unilateral review scheme or no reviews. Our findings demonstrate that even though the bilateral review scheme eliminates the information asymmetry and adverse selection on both sides of the market, it does not necessarily enhance market efficiency when competing providers strategically respond to reviews by adjusting their prices

Optimal Design of Information Technology Security Architecture

Information technology (IT) security has emerged as an important issue in e-commerce. Firms typically employ multiple security technologies such as firewalls and intrusion detection systems (IDS) to secure their IT systems. An assessment of the value of these technologies is crucial for firms to design the optimal architecture. Such assessments are also useful to security technology developers in focusing their design efforts. We describe in this report our ongoing research in economic modeling of IT security management. Specifically we describe the technologies used in a typical IT security architecture, a game theoretical model of the significant aspects of the architecture, preliminary analysis of the model, and our current and future work. Our research, when completed, will yield guidelines that will help security technology deployment firms make their investment decisions and security technology developers make their design decisions

Two-Sided Sharing Platforms: Sell Upfront Subscriptions or Not?

Two-sided sharing platforms match independent third-party service providers (i.e., supply) to consumers (i.e., demand). Unlike firms that employ their own stable supply, a two-sided sharing platform only has an indirect control over the supply side through wage, and its marginal service cost depends on the number of consumers who need the service, i.e., demand potential, and the number of providers who are available to serve, i.e., supply potential. Furthermore, demand potential and supply potential change over a relatively short period, creating variability on the demand side as well as the supply side. Offering a subscription option with an upfront fee is a widely adopted firm strategy to smooth out the demand-side variability. However, whether this strategy is profitable for a two-sided sharing platform is unclear, although some platforms have been experimenting with subscription models. In this paper, we examine a monopolistic sharing platform’s decision on offering a subscription option, when it faces consumers/providers with uncertain valuation/cost and heterogeneous need frequencies. We find that the platform’s incentive to offer a subscription option hinges on the provider-to-consumer coverage ratio, defined as the ratio of the number of providers to the number of consumers, in the market: (i) when the ratio is low, offering a subscription option is sub optimal; (ii) when the ratio moderate, offering a subscription option that would induce only frequent consumers to subscribe (mixed subscription) is optimal; (iii) when the ratio is high, offering a subscription option that would induce all consumers to subscribe (pure subscription) is optimal. We also identify the effects of demand variability and supply variability on the platform’s incentive to offer the subscription option

Strategic Implications of Online Retail Platforms’ Membership-Based Free Shipping Programs

Product shipping is an indispensable but costly operation in online retailing. Although several initiatives are underway to reduce the shipping cost, an important innovation is the membership-based free shipping (MFS) program, in which a retail platform that allows third-party sellers to sell their products for a commission bears the shipping costs for purchases made by members who have paid an up-front fee. We identify several strategic impacts of MFS programs that are the key drivers to their success from the platform’s or other stakeholders’ perspectives. For example, we find that the membership fee collected by the platform does not cover its shipping cost, which suggests the MFS program benefits members and hurts the platform if the program is evaluated based on direct operational considerations only. However, we also show that the MFS program actually benefits the platform and hurts consumers when the shipping cost is less than a threshold. Moreover, the platform’s benefit from the MFS program follows an inverted U shape with respect to the shipping cost, suggesting that the program enjoys the greatest benefit for products with a moderate shipping cost. Even though the MFS program enhances the overall consumer demand and consumption, it could hurt society because the MFS program stimulates demand from consumers who have a low consumption utility relative to the shipping cost. Our results demonstrate that the MFS program is not just a shipping cost-transfer mechanism; rather, it is a strategic initiative by online retail platforms to exploit the need for product shipping to their advantage