References
- Baltazar, J.; Costoya, J.; and Flores, R. The Real Face of Koobface: The Largest Web 2.0 Botnet Explained. Trend Micro Research, 2009. www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp_the-real-face-of-koobface.pdf.
- Benzel, T.; Braden, R.; Kim, D.; Neuman, C.; Joseph, A.; Sklower, K.; Ostrenga, R.; and Schwab, S. Design, deployment, and use of the DETER testbed, Proceedings of the DETER Community Workshop on Cyber-Security and Test. Boston, MA: USENIX, 2007.
- Bonacich, P. Power and centrality: A family of measures. American Journal of Sociology, 92, 5 (1987), 1170–1182.
- Bonacich, P. Factoring and weighting approaches to status scores and clique identification. Journal of Mathematical Sociology, 2, 1 (1972), 113–120.
- Borgatti, S. P. NetDraw: Software for Network Visualization. Lexington, KY: Analytic Technologies, 2002.
- Borgatti, S.P.; Mehra, A.; Brass, D.J.; and Labianca, G. Network analysis in the social sciences. Science, 323, 5916 (2009), 892–895.
- Borgatti, S.P. Centrality and network flow. Social Networks, 27, 1 (2005), 55–71.
- Cavusoglu, H.; Raghunathan, S.; and Yue, W.T. Decision-theoretic and game-theoretic approaches to IT security investment. Journal of Management Information Systems, 25, 2 (2008), 281–304.
- Cavusoglu, H.; Cavusoglu, H.; and Zhang, J. Security patch management: Share the burden or share the damage? Management Science, 54, 4 (2008), 657–670.
- Cavusoglu, H.; Mishra, B.; and Raghunathan, S. The value of intrusion detection systems in information technology security architecture. Information Systems Research, 16, 1 (2005), 28–46.
- Chen, A.; Lu, Y.; Chau, P.Y.K.; and Gupta, S. Classifying, measuring, and predicting users’ overall active behavior on social networking sites. Journal of Management Information Systems, 31, 3 (2014), 213–253.
- Chen, P.; Kataria, G.; and Krishnan, R. Correlated failures, diversification, and information security risk management. MIS Quarterly, 35, 2 (2011), 397–422.
- Chen, P.; Cheng, S.; and Chen, K. Optimal control of epidemic information dissemination over networks. IEEE Transactions on Cybernetics, 44, 12 (2014), 2316–2328.
- Chen, L.C., and Carley, K.M. The impact of countermeasure propagation on the prevalence of computer viruses. IEEE Transactions on Systems, Man and Cybernetics—Part B: Cybernetics, 34, 2 (2004), 823–833.
- Chi, M. Reducing the Risks of Social Media to Your Organization. Bethesda, MD: SANS Institute, 2011.
- Clauset, A.; Newman, M.E.J.; and Moore, C. Finding community structure in very large networks. Physical Review E, 70, 6 (2004), 066111.
- Computer Economics. Malware Report: The Economic Impact of Viruses, Spyware, Adware, Botnets, and Other Malicious Code. Irvine, CA: Computer Economics, 2007.
- Computer Security Institute. The Fifteenth Annual CSI Computer Crime and Security Survey. Monroe, WA: Computer Security Institute, 2010.
- Consumer Reports. Social insecurity: What millions of online users don’t know can hurt them. Consumer Reports, 2010.
- D’Arcy, J.; Hovav, A.; and Galletta, D. User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach. Information Systems Research, 20 (2009), 79–98.
- Dezső, Z., and Barabási, A. Halting viruses in scale-free networks. Physical Review E, 65, 5 (2002), 055103.
- Economist. A thing of threads and patches. Economist, August 25, 2012.
- Fleizach, C.; Liljenstam, M.; Johansson, P.; Voelker, G.M.; and Mehes, A. Can you infect me now? Malware propagation in mobile phone networks. Proceedings of the 2007 ACM Workshop on Recurring Malcode. New York: ACM, 2007, pp. 61–68.
- Freeman, L.C.; Borgatti, S.P.; and White, D.R. Centrality in valued graphs: A measure of betweenness based on network flow. Social Networks, 13, 2 (1991), 141–154.
- Freeman, L.C. Centrality in social networks: Conceptual clarification. Social Networks, 1, 3 (1979), 215–239.
- Garetto, M.; Gong, W.; and Towsley, D. Modeling malware spreading dynamics. Twenty-Second Annual Joint Conference of the IEEE Computer and Communications (INFOCOM 2003). San Francisco: IEEE, 2003, pp. 1869–1879.
- Girvan, M., and Newman, M.E.J. Community structure in social and biological networks. Proceedings of the National Academy of Sciences of the United States of America, 99, 12 (2002), 7821–7826.
- Goldenberg, J.; Shavitt, Y.; Shir, E.; and Solomon, S. Distributive immunization of networks against viruses using the “honey-pot” architecture. Nature Physics, 1, 3 (2005), 184–188.
- Gordon, L.A., and Loeb, M.P. The economics of information security investment. ACM Transactions on Information and System Security, 5, 4 (2002), 438–457.
- Guo, H., Pathak, P., and Cheng, H. K. Estimating social influences from social networking sites: Articulated friendships versus communication interactions. Decision Sciences, 46, 1 (2015), 135–163.
- Guo, W.; Li, X.; and Wang, X. Epidemics and immunization on Euclidean distance preferred small-world networks. Physica A: Statistical Mechanics and Its Applications, 380 (2007), 684–690.
- Huang, C.; Lee, C.; Wen, T.; and Sun, C. A computer virus spreading model based on resource limitations and interaction costs. Journal of Systems and Software, 86, 3 (2013), 801–808.
- Karsai, M.; Kivelä, M.; Pan, R.K.; Kaski, K.; Kertész, J.; Barabási, A.; and Saramäki, J. Small but slow world: How network topology and burstiness slow down spreading. Physical Review E, 83, 2 (2011), 025102.
- Kephart, J.O., and White, S. R. Directed-graph epidemiological models of computer viruses. Proceedings of the 1991 IEEE Computer Society Symposium on Research in Security and Privacy, New York, NY: IEEE, 1991, pp. 343–359.
- Kim, J.; Radhakrishnan, S.; and Dhall, S.K. Measurement and analysis of worm propagation on Internet network topology. Proceedings of Thirteenth International Conference on Computer Communications and Networks. Washington, DC: IEEE Computer Society, 2004, pp. 495–500.
- Kumar, R.L.; Park, S.; and Subramaniam, C. Understanding the value of countermeasure portfolios in information systems security. Journal of Management Information Systems, 25, 2 (2008), 241–280.
- Lloyd, A.L., and May, R.M. How viruses spread among computers and people. Science, 292, (2001), 1316–1317.
- Mahajan, V.; Muller, E.; and Bass, F. M. New product diffusion models in marketing: A review and directions for research. Journal of Marketing, 54, 1 (1990), 1–26.
- Mansfield-Devine, S. Anti-social networking: Exploiting the trusting environment of web 2.0. Network Security, 11 (2008), 4–7.
- Matook, S.; Cummings, J.; and Bala, H. Are you feeling lonely? The impact of relationship characteristics and online social network features on loneliness. Journal of Management Information Systems, 31, 4 (2015), 278–310.
- McGowan, I. The use of growth curves in forecasting market development. Journal of Forecasting, 5, 1 (1986), 69–71.
- Merrill, T.; Latham, K.; Santalesa, R.; and Navetta, D. Social Media: The Business Benefits May Be Enormous, but Can the Risks—Reputational, Legal, Operational—Be Mitigated? Zurich, Switzerland: ACE Group, 2011.
- Moore, T., and Anderson, R. Internet security. In The Oxford Handbook of the Digital Economy, ed. J. Waldfogel and M. Peitz. Oxford: Oxford University Press, 2012, pp. 572–600.
- Moore, C., and Newman, M.E.J. Epidemics and percolation in small-world networks. Physical Review E, 61, 5 (2000), 5678–5682.
- Nelder, J.A. An alternative form of a generalized logistic equation. Biometrics, 18, 4 (1962), 614–616.
- Newman, M.E.J. A measure of betweenness centrality based on random walks. Social Networks, 27, 1 (2005), 39–54.
- Newman, M.E.J. Fast algorithm for detecting community structure in networks. Physical Review E, 69, 6 (2004), 066133.
- Newman, M.E.J., and Girvan, M. Finding and evaluating community structure in networks. Physical Review E, 69, 2 (2004), 026113.
- Newman, M.E.J., and Park, J. Why social networks are different from other types of networks. Physical Review E, 68, 3 (2003), 036122.
- Newman, M.E.J.; Forrest, S.; and Balthrop, J. Email networks and the spread of computer viruses. Physical Review E, 66, 3 (2002), 035101.
- Park, I.; Sharman, R.; Rao, H.R.; and Upadhyaya, S. Short term and total life impact analysis of email worms in computer systems. Decision Support Systems, 43 (2007), 827–841.
- Richards, F.J. A flexible growth function for empirical use. Journal of Experimental Botany, 10, 2 (1959), 290–301.
- Roff, D.A. Evolution of Life Histories: Theory and Analysis. New York: Springer, 1992.
- Stephenson, K., and Zelen, M. Rethinking centrality: Methods and examples. Social Networks, 11, 1 (1989), 1–37.
- Straub, D.W., and Welke, R.J. Coping with systems risk: Security planning models for management decision making. MIS Quarterly, 22, 4 (1998), 441–469.
- Symantec. The 2012 Norton Cybercrime Report. Mountain View, CA: Symantec. 2012.
- von Bertalanffy, L. Quantitative laws in metabolism and growth. Quarterly Review of Biology, 32, 3 (1957), 217–231.
- Wang, J.; Chaudhury, A.; and Rao, H.R. A value-at-risk approach to information security investment. Information Systems Research, 19, 1 (2008), 106–120.
- Wang, J.; Sharman, R.; and Zionts, S. Functionality defense through diversity: A design framework to multitier systems. Annals of Operations Research, 197, 1 (2010), 25–45.
- Wang, Y., and Wang, C. Modeling the effects of timing parameters on virus propagation. Proceedings of the 2003 ACM Workshop on Rapid Malcode. New York: ACM, 2003, pp. 61–66.
- Wang, C.; Knight, J.C.; and Elder, M.C. On computer viral infection and the effect of immunization, Proceedings of the Sixteenth Annual Computer Security Applications Conference (ACSAC 2000). New Orleans, 2000, 898879.
- Wang, Y.; Chakrabarti, D.; Wang, C.; and Faloutsos, C. Epidemic spreading in real networks: An eigenvalue viewpoint. Proceedings of the Twenty-Second International Symposium on Reliable Distributed Systems. Washington, DC: IEEE Computer Society, 2003, pp. 25–34.
- Xie, K., and Lee, Y. Social media and brand purchase: Quantifying the effects of exposures to earned and owned social media activities in a two-stage decision making model. Journal of Management Information Systems, 32, 2 (2015), 204–238.
- Xue, L.; Zhang, C.; Ling, H.; and Zhao, X. Risk mitigation in supply chain digitization: System modularity and information technology governance. Journal of Management Information Systems, 30, 1, (2013), 325–352.
- Yan, G.; Chen, G.; Eidenbenz, S.; and Li, N. Malware propagation in online social networks: Nature, dynamics, and defense implications, Proceedings of the Sixth ACM Symposium on Information, Computer and Communications Security. New York: ACM, 2011, pp. 196–206.
- Yu, J.; Hu, P.J.; and Cheng, T. Role of affect in self-disclosure on social network websites: A test of two competing models. Journal of Management Information Systems, 32, 2 (2015), 239–277.
- Yue, W.T., and Çakanyildirim, M. Intrusion prevention in information systems: Reactive and proactive responses. Journal of Management Information Systems, 24, 1 (2007), 329–353.
- Yue, W.T.; Çakanyıldırım, M.; Ryu, Y.U.; and Liu, D. Network externalities, layered protection and IT security risk management. Decision Support Systems, 44, 1 (2007), 1–16.
- Zhao, K.; Kumar, A.; Harrison, T.P.; and Yen, J. Analyzing the resilience of complex supply network topologies against random and targeted disruptions. IEEE Systems Journal, 5, 1 (2011), 28–39.
- Zhao, X.; Xue, L.; and Whinston, A.B. Managing interdependent information security risks: Cyberinsurance, managed security services and risk pooling arrangement. Journal of Management Information Systems, 30, 1 (2013), 123–152.
- Zhao, X.; Fang, F.; and Whinston, A.B. An economic mechanism for better Internet security. Decision Support Systems, 45, 4 (2008), 811–821.
- Zou, C.C.; Towsley, D.; and Gong, D.W. Email worm modeling and defense. Proceedings of the Thirteenth International Conference on Computer Communications and Networks. New York, NY: IEEE, 2004, pp. 409–414.