Web Infections and Protections (WIPP): Economics
Arnold W. Kwong and Bruce Healton
© All Rights Reserved. Extratelligence, 2013

Abstract
Web Infections and Protections (WIPP) is a series of papers, presentations, and technical references developed by Healton, Kwong, and Lancaster (1998-onwards).

The initial purpose of Web Infections and Protections was to research and discuss emerging threats against computers, networks, and infrastructure by new techniques and attack vectors not previously explored. A key analysis technique was the application of biological contagion models to the existence of infectious objects spreading between computing nodes via networks and other connections. Continuing Web Infections and Protections research explores the strategy, protocols, and futures involved with ongoing Security Information Practices, conduct of technical practitioners, and the behavior of the immersive environment we now live in.

This presentation will focus on looking at the perpetrators of behavior that is not in keeping with keeping unwelcome eyes averted and hands in their own pockets (and off the money-clip). Attack and defense, surveillance and reconnaissance, monitoring and snooping, anti-[bodies] and pre-emption – all are perspectives of activities that are good or bad depending on peoples’ viewpoints.

In “Web Infections and Protections (WIPP): Economics” the specific motivations, rewards, behaviors, and structures of countermeasures are examined and discussed. Case examples and incidents include StuxNet, Conficker, Code Red, SSL, GSM, MyDoom, with the context of other identified attacks, VoIP, competitions, and awareness. The roles of botnets, offensive countermeasures, and other practices are discussed. The planned discussion is restricted to a light to moderate technical level and is accessible.

The Lessons from WIPP include:
·        New infections can’t be guessed at ahead of time. The flaws in behavior and code may not be obvious even upon inspection.
·        New infection routes may be unknowable when systems and protocols are put in place
·        New infection damage is hard to find and hard to remediate.
·        Threat models are a map – they aren’t the territory.
·        Threat calculations are just that – calculations that are as good or bad as their data.

WIPP isn’t about the ethical behavior or morals, nor about ‘black hats and white hats’, nor about ‘hackers’ and ‘ethical hackers’. WIPP is about what, how, when, and where the behavior was manifest. WIPP examines the past and predicts the future.

Background: Selected Papers and Presentations

•        IEEE Aerospace Conference 1998, “Java, Agents, and Chronic Infections”, Healton, Kwong, and Lancaster
•        IEEE COMPSAC 1998, “Web Infections and Protections”, Healton, et al.
•        IEEE COMPSAC 1999, “Protecting against Internet Threats”, Healton, et al
•        IEEE COMPSAC 2000, “Web Infections and Protections 2000: The E-Commerce Perspective”, Kwong
•        IEEE COMPSAC 2001, “Measure and Countermeasure: Information Security in an Infowar”, Kwong
•        CyberCrime 2002, “The Dark Side of the Internet”, Healton
•        CyberCrime 2002, “Wireless Data and Voice Information Protection: Protecting Mobile Workers from Digital Disruptions”, Kwong
•        MnIPS 2003, “E-Commerce Gone Bad: What to do after it passes”, Kwong
•        MnIPS 2003, “Protecting Your e-Commerce Website”, Healton
•        MnFut 2010, “Cloudy with a Chance of Rain”, Healton