David Maimon
Associate Professor of Criminology & Criminal Justice, University of Maryland
Key Findings
- Warning banners do not cause the immediate prevention of a first trespassing incident.
- There is no evidence that warning banners reduce the volume of repeated system trespassing incidents.
- Warning banners positively and significantly deter intruders by shortening the duration of the first and repeated trespassing incidences.
- The effect warning messages have deterring intruders is weakened in computers that have a large bandwidth and are being attacked repeatedly for a long duration of time.
Description
In the article, “Restrictive Deterrent Effects of a Warning Banner in an Attacked Computer System,” Maimon and his co-authors explored the effectiveness of security measures to deter unauthorized access to computer systems. This type of cybersecurity has not been researched enough despite increasing concerns for millions of Internet users. To conduct the study, researchers used computers built with the sole purpose of being attacked to determine whether or not warning banner displays had an impact on intruder behavior in two separate instances over 131 days and six months respectively. Up until the study, there had been mixed findings on whether or not warnings have been effective solutions to deter cyber attacks. This experiment also found the same mixed results. The data showed that warning banners do not prevent intruders or stop them from repeating their attacks. The researchers also found that banners impact the duration of time attackers spend on trespassing by shortening the time.