This exploratory study is an empirical test of a model of the activities involved in hacking attacks, and the conditions associated with the increase in these activities. In a methodological innovation, the variables in the model were measured using non-reactive, secondary data obtained from sixty months of official statistical data, from 1999 through 2003. These variables were analyzed using stepwise regression. The results obtained support several of the model predictions. 1. Increased Broadband access by home and small business users is associated with an increase in Reconnaissance activities by hackers looking for vulnerable systems. 2. Increased Reconnaissance is associated with an increase in hacking attempts to obtain initial access through the use of Malicious Code. 3. The increase in User Compromise is associated with the increase in Root Compromise, reflecting hackers' efforts towards escalation of privilege. 4. The negative relationship between Root Compromise and Denial of Service supports the prediction that hacker frustration at failing to gain control of a resource may be one of the factors contributing to Denial of Service attacks. 5. Environmental variables (Broadband and Number of Hosts) are positively related to one another. These results suggest potentially significant implications for research and practice.
Bento, Al and Bento, Regina
"Empirical Test of a Hacking Model: An Exploratory Study,"
Communications of the Association for Information Systems:
Vol. 14, Article 32.
Available at: http://aisel.aisnet.org/cais/vol14/iss1/32