While the US is ranked 11th safest of 44 nations studied, several Scandinavian countries like Denmark, Norway and Finland were ranked the safest in the book authored by V.S. Subrahmanian, professor of computer science at the University of Maryland.
"Our goal was to characterise how vulnerable different countries were, identify their current cyber-security policies and determine how those policies might need to change in response to this new information," said Subrahmanian, with the University of Maryland Institute for Advanced Computer Studies (UMIACS).
Damaging cyber-attacks on a global scale continue to surface every day. Some nations are better prepared than others to deal with online threats from criminals, terrorists and rogue nations.
Subrahmanian discussed the findings at a panel discussion hosted by the Foundation for Defense of Democracies in Washington on Wednesday.
The authors conducted a two-year study that analysed more than 20 billion automatically generated reports, collected from four million machines per year worldwide.
The researchers based their rankings, in part, on the number of machines attacked in a given country and the number of times each machine was attacked.
Machines using Symantec anti-virus software automatically generated these reports, but only when a machine's user opted in to provide the data.
Trojans, followed by viruses and worms, posed the principal threats to machines in the US.
However, misleading software (fake anti-virus programmes and disk cleanup utilities) was far more prevalent in the US compared with other nations that have a similar gross domestic product, the authors noted.
The results suggest that US efforts to reduce cyber threats should focus on education to recognise and avoid misleading software.
"People - even experts - often have gross misconceptions about the relative vulnerability (to cyber-attack) of certain countries. The authors of this book succeed in empirically refuting many of those wrong beliefs," said Isaac Ben-Israel, chair of the Israeli Space Agency and former head of that nation's National Cyber Bureau, in a foreword to the book.
The co-authors on the book are Michael Ovelgonne, a former UMIACS postdoctoral researcher; Tudor Dumitras, assistant professor of electrical and computer engineering in the Maryland Cybersecurity Centre; and B. Aditya Prakash, assistant professor of computer science at Virginia Tech.
A related research paper was presented at the 9th ACM International Conference of Web Search and Data Mining in February this year.