PeerSec: Towards Peer Production and Crowdsourcing for Enhanced Security

Peer production and crowdsourcing have been widely implemented to create various types of goods and services. Although successful examples such as Linux and Wikipedia have been established in other domains, experts have paid little attention to peer-produced systems in computer security beyond collaborative recommender and intrusion detection systems. In this paper we present a new approach for security system design targeting a set of non-technical, self-organized communities. We argue that unlike many current security implementations (which suffer from low rates of adoption), individuals would have greater incentives to participate in a security community characterized by peer production. A specific design framework for peer production and crowd-sourcing are introduced. One high-level security scenario (on mitigation of insider threats) is then provided as an example implementation. Defeating the insider threat was chosen as an example implementation because it has been framed as a strictly (and inherently) firm-produced good. We argue that use of peer production and crowd-sourcing will increase network security in the aggregate.