The Workshop on the Economics of Information Security (WEIS) is the leading forum for interdisciplinary scholarship on information security and privacy, combining expertise from the fields of economics, social science, business, law, policy, and computer science.

The WEIS 2018 program consists of the presentation and discussion of research papers. The papers have been selected in a rigorous peer-review process by an international program committee.

Ross Anderson has summarized all presentations in his liveblog.

Sunday, June 17, 2018

5:30-8:30pm Welcome Reception in the Atrium of the Court Church
Please join us for drinks and hors d’oeuvres at this historic site. Enter the atrium via the workshop registration desk at the entrance of the Museum of Tyrolean Regional Heritage, Universitätsstrasse 2, 6020 Innsbruck, Austria (250 meters walking distance from the conference hotel).


Monday, June 18, 2018

8:00-9:00am Registration
9:00-9:15am Chair’s Welcome

Rainer Böhme (Department of Computer Science)

9:15-9:30am Briefing on economic and behavioral economic research in Innsbruck

What do taxi drivers and IT experts have in common? On asymmetric information and fraud
Loukas Balafoutas (Department of Public Finance)

9:30-10:45am Session: Studying the Defender

Chair: Michel van Eeten

Designing organizations for cyber security resilience
Marshall Kuypers & Thomas Maillart

On the effort for security maintenance of open source components
Stanislav Dashevskyi, Achim D. Brucker & Fabio Massacci

Domain registration policy strategies and the fight against online crime
Janos Szurdi & Nicolas Christin

10:45-11:15am Coffee Break
11:15-12:30pm Session: Studying the Underground

Chair: Susan Landau

Issued for abuse: measuring the underground trade in code signing certificates
Kristián Kozák, Bum Jun Kwon, Doowon Kim & Tudor Dumitraş

Ransomware payments in the Bitcoin ecosystem
Masarah Paquet-Clouston, Bernhard Haslhofer & Benoit Dupont

To pay or not: game theoretic models of ransomware
Edward Cartwright, Julio Hernandez-Castro & Anna Stepanova

12:30-2:00pm Lunch
Meals will be served in the restaurant and gallery area on the first floor of the conference venue.
2:00-3:15pm Session: Cryptocurrencies and the Real World

Chair: Nicolas Christin

The rise and fall of cryptocurrencies
Amir Feder, Neil Gandal, JT Hamrick, Tyler Moore & Marie Vasek

Virtual currencies and fundamental rights
Christian Rückert

Bitcoin redux
Ross Anderson, Ilia Shumailov, Alessandro Rietmann & Mansoor Ahmed

3:15-3:45pm Coffee Break
3:45-5:00pm Session: Education and Behavior

Chair: Alessandro Acquisti

Better late(r) than never: Increasing cyber-security compliance by reducing present bias
Alisa Frik, Eyal Peer, Marian Harbach, Nathan Malkin & Serge Egelman

The effect of security education and expertise on security assessments: the case of software vulnerabilities
Luca Allodi, Marco Cremonini, Fabio Massacci & Woohyun Shim

Does online piracy make computers insecure? Evidence from panel data
Rahul Telang

5:00-6:00pm Steering Committee Meeting
Location: SR 2 on the ground floor of the conference hotel
7:00-10:00pm Social Event & Workshop Dinner
Stiftskeller Innsbruck, Stiftsgasse 1–7, 6020 Innsbruck, Austria (300 meters walking distance from the conference hotel)

Tuesday, June 19, 2018

8:30-9:00am Registration
9:00-9:05am Good Morning Address
9:05-10:20am Session: Cyber Risk Quantification and Insurance

Chair: Ross Anderson

The price of cyber (in)security: evidence from the Italian private sector
Claudia Biancotti

Embracing and controlling risk dependency in cyber insurance policy underwriting
Mohammad Mahdi Khalili, Mingyan Liu & Sasha Romanosky

Monte Carlo methods to investigate how aggregated cyber insurance claims data impacts security investments
Daniel W. Woods & Andrew C. Simpson

10:20-10:50am Coffee Break
10:50-12:30pm Session: Information Sharing and Privacy

Chair: Jens Grossklags

Incentives for human agents to share security information: a model and an empirical test
Alain Mermoud, Marcus Matthias Keupp, Kévin Huguenin, Maximilian Palmié & Dimitri Percia David

Information disclosure and security policy design: a large-scale randomization experiment in Pan-Asia
Yun-Sik Choi, Shu He, Yunhui Zhuang, Gene Moo Lee, Alvin Chung Man Leung & Andrew Whinston

An analysis of the effectiveness of the EU data breach notification obligation
Bernold Nieuwesteeg & Michael Faure

Sponsored search advertisement and consumer prices: an empirical investigation
Eduardo Abraham Schnadower Mustri, Alessandro Acquisti & Idris Adjerid

12:30-2:00pm Lunch
Meals will be served in the restaurant and gallery area on the first floor of the conference venue.
2:00-2:15pm Group Picture
The group picture will be taken in the Hofgarten next to the conference venue, weather permitting.
2:15-3:30pm Session: Markets and Signals

Chair: Sam Ransbotham

A trading market to incentivize secure software
Malvika Rao, Georg Link, Don Marti, Andy Leak & Rich Bodo

A bug bounty perspective on the disclosure of web vulnerabilities
Jukka Ruohonen & Luca Allodi

Analysis of leaky deception for network security using signaling games with evidence
Jeffrey Pawlick, Edward Colbert & Quanyan Zhu

3:30-4:00pm Coffee Break
4:00-4:55pm Rump Session

Chair: Tyler Moore

Participants are invited to give 5 minute talks on new ideas, reflections on presented work, ongoing research, research published recently in other venues, or entertaining perspectives. To reserve a slot, please sign up with the Rump Session Chair during the conference.

4:55-5:00pm Closing Remarks

WEIS 2019 will be held at Harvard.