More appropriate and efficient security solutions against system trespassing incidents can be developed once the attack threat is better understood. However, few empirical studies exist to assess the attack threat. Our proposed research applies "soft science" models (i.e. sociological psychological and criminological) in effort to better understand the threat of system trespassing. The proposed research will draw on data collected on attackers who gain illegitimate access to computers by finding the correct combination username/password on SSH to a computer running Unix, during a randomized experiment. Once an attacker has access to the computer, he/she can build the attack over a period of 30 days. Previous research has shown that a warning banner does not have an effect when attackers launch an attack but does when deciding which computer to use to develop an attack.
Does the Presence of Honest Users Affect Intruder Behavior?