MétaCan
Menu
Back to cohort
Record W2253489503

Security in Cyberspace: Combatting Distributed Denial of Service Attacks

2004· article· en· W2253489503 on OpenAlex

Why this work is in the frame

A frame that forgets how it found something cannot be audited. These are the routes that admitted this work.

affAt least one author lists a Canadian institution in the pinned OpenAlex snapshot.

Bibliographic record

VenueSSRN Electronic Journal · 2004
Typearticle
Languageen
FieldComputer Science
TopicInformation and Cyber Security
Canadian institutionsUniversity of Ottawa
Fundersnot available
KeywordsComputer securityCyberspaceDenial-of-service attackContext (archaeology)Internet privacyComputer scienceBusinessThe Internet
DOInot available

Abstract

fetched live from OpenAlex

The poor state of cyber security is now attracting broad attention outside the community of computer security experts. This is a welcome development since it is clear that cyber attacks impose heavy costs and that the rate of attack is increasing. There are reasons to believe that insufficient social resources are devoted to ensuring cyber security for various reasons including the existence of positive externalities associated with investments in cyber security. This paper selects one cyber security problem for close analysis, namely that of distributed denial of service attacks (DDOS). This paper focuses on DDOS attacks because they are quite interesting from the legal perspective. The positive externality problem of cyber security investment is posed fairly clearly in this context, and the many types of parties implicated in some way in a DDOS attack offer numerous possible objects of legal or regulatory pressure. Most commentary on DDOS attacks focuses on the roles of software developers who release insecure code the weaknesses of which are later exploited to launch DDOS attacks, and computer users who fail to take basic steps to secure their machines. Having reviewed the reasons for this state of affairs, and explored the possibility of applying legal pressure to the various types of parties involved in a DDOS attack, the paper concludes that it is likely most efficient to address the problem by focusing on software insecurity. One way in which to encourage improvement in software security is to impose liability in negligence for software that falls below a reasonable standard of security. The victim of a DDOS attack would be a good plaintiff in such an action. The victim may suffer the kind of concentrated loss that provides a sufficient incentive to sue. Furthermore, the victim of a DDOS attack is not open to charges of contributory negligence in the way that an end-user who failed to install patches would be. A negligence claim brought by the victim of a DDOS attack against the manufacturer of insecure software that is later exploited to launch an attack is a complex one that raises important issues of policy at various stages of the negligence inquiry: duty of care, standard of care and proximate cause. The proposed tort claim must address the traditional reluctance of courts to award damages in negligence for pure economic loss. It must also establish that there is a sufficiently close relationship between software manufacturer and DDOS victim that will justify a finding of a duty to protect the plaintiff against the deliberate harmful conduct of third parties - a ground of negligence that is recognized, inter alia, within the landlord-tenant relationship. The inquiry into whether a duty of care should exist in this context offers the opportunity to raise the current debate over whether the metaphor of physical space is an appropriate one for legal reasoning about cyberspace. Is a quasi-monopolist vendor of key Internet-related software an architect or landlord in cyberspace?

Fetched live from OpenAlex and de-inverted. Abstracts are not stored in this database: the inverted indexes are 8.6 GB of the frame’s 9.3 GB of text, and the host has 13 GB free.

Full frame distilled prediction

Teacher imitation

Not calibrated prevalence, not ground truth. Human validation pending. Learned from the 10,348 direct Codex labels and 10,348 direct Gemma labels. Candidate is the union of thresholded teacher heads; consensus is their intersection. These outputs are machine_predicted_unvalidated and are not human labels or direct frontier model labels.

metaresearch head score (Codex)0.001
metaresearch head score (Gemma)0.000
Version: codex-gemma-dda1882f352aValidation status: machine_predicted_unvalidated
Candidate categoriesnone
Consensus categoriesnone
DomainCandidate signal: none · Consensus signal: none
Study designCandidate signal: Theoretical or conceptual · Consensus signal: Theoretical or conceptual
GenreCandidate signal: Empirical · Consensus signal: Empirical
Teacher disagreement score0.251
Threshold uncertainty score0.606

Codex and Gemma teacher scores by category

CategoryCodexGemma
Metaresearch0.0010.000
Meta-epidemiology (narrow)0.0000.000
Meta-epidemiology (broad)0.0000.000
Bibliometrics0.0000.001
Science and technology studies0.0000.000
Scholarly communication0.0000.001
Open science0.0010.000
Research integrity0.0000.001
Insufficient payload (model declined to judge)0.0000.000

Machine scores (provisional)

The two teacher heads of the student model, read on this work. A score orders the frame for review; it never asserts a category, and the validation status ships verbatim with every row.

Baseline scores from an immature model (maturity gate not passed, 7 training rounds). Scores rank; they never assert a category.

Opus teacher head0.006
GPT teacher head0.234
Teacher spread0.229 · how far apart the two teachers sit on this one work
Validation statusscore_only:v0-immature-baseline · verbatim from the scoring run: score_only means the number may rank works, and no category label ships from it