| Abstract: |
Distributed Denial of Service (DDoS) attacks are a frequently occurring type
of cybercrime, with potentially large costs to the real economy. We propose a
simple model of the size and direction of DDoS attacks.
The main predictions
of the model are that effective botnets are located in countries with many
internet users and high internet speeds, and that the most attractive targets
of DDoS attacks are countries with many internet users.
We use a theoretical
framework to derive a structural equation that resembles the â€gravity
equations†common in the literature on international trade. The empirical
results are consistent with the predictions of the model. The number of
internet users is strongly related to the number of international DDoS
attacks: our results suggest that a ten percent increase in the number of
internet users worldwide would raise the total number of DDoS attacks by eight
percent. Bandwidth in the country of origin is also significantly related to
attacks, but quantitatively not very important. The vulnerability of computers
does not seem influential.
Trade relations are significantly related to
attacks, while other economic factors including GDP per capita do not appear
to play a role. The geographical distance between countries is not relevant,
while historical ties between countries are significantly related to the
number of attacks.
This paper is one of the first to explore possible
determinants of cybercrime at an aggregate level. We hope that by uncovering
some general patterns in the data, our research may contribute to the growing
and exciting field of cybersecurity economics. |