CONFIGURATION OF INTRUSION DETECTION SYSTEMS: A COMPARISON OF DECISION AND GAME THEORETIC APPROACHES

Proceedings of the International Conference on Information Systems, ICIS 2003

Volumn , Issue , 2003, Pages 692-705

  Cavusoglu, Huseyin ^a   Raghunathan, Srinivasan ^b  

^a TULANE UNIVERSITY   (United States)

^b UNIVERSITY OF TEXAS AT DALLAS   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER CRIME; DECISION THEORY; INTRUSION DETECTION; LEARNING SYSTEMS; PERSONAL COMPUTING;

CORE COMPONENTS; DECISION THEORETIC APPROACH; DECISION-THEORETIC; FALSE POSITIVE AND FALSE NEGATIVES; GAME-THEORETIC; INTRUSION DETECTION SYSTEMS; IT SECURITY; LOW-COSTS; SECURITY ARCHITECTURE; SYSTEMS CONFIGURATION;

GAME THEORY;

EID: 35048898874     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (18)

1. Axelsson, S. “The Base-Rate Fallacy and the Difficulty of Intrusion Detection,” ACM Transactions on Information and System Security (3:3), 2000, pp. 186-205.
2. Cavusoglu, H., Raghunathan, S., and Mishra, B. “Optimal Design of Information Technology (IT) Security Architecture,” in Proceedings of the Twenty-Second International Conference on Information Systems, L. Applegate, R. Galliers, and J. I. DeGross (eds.), Barcelona, Spain, 2002.
3. CERT Coordination Center. Security for Information Technology Service Contracts, CERT Security Improvement Modules, 2001.
4. Durst, R., Champion, T., Witten, B., Miller, E., and Spagnuolo, L. “Testing and Evaluating Computer Intrusion Detection Systems,” Communications of the ACM (42:7), 1999, pp. 53-61.
5. Fellingham, J., and Newman, P. “Strategic Considerations in Auditing,” The Accounting Review (60), October 1985, pp. 634-650.
6. Gaffney, J. E., and Ulvila, J. W. “Evaluation of Intrusion Detectors: A Decision Theory Approach,” IEEE Symposium on Security and Privacy, 2001, pp. 50-61.
7. Jajodia, S., and Miller, J. “Editor’s Preface,” Journal of Computer Security (16:4), 1993, pp. 43-53.
8. Jonsson, E., and Olovsson, T. “A Quantitative Model of Security Intrusion Process Based on Attacker Behavior,” IEEE Transactions on Software Engineering (23:4), 1997, pp. 235-245.
9. Lee, W., Fan, W., Miller, M., Stolfo, S., and Zadokm E. “Toward Cost-Sensitive Modeling for Intrusion Detection and Response,” Journal of Computer Security (10:1/2), 2002, pp. 5-22.
10. Lippmann, R., Haines, J. W., Fried, D. J., Korba, J., and Das, K. “The 1999 DARPA Off-Line Intrusion Detection Evaluation,” Computer Networks (34:4), 2000, pp. 579-595.
11. McHugh, J. “Testing Intrusion Detection Systems: A Critique of the 1998 and 1999 DARPA Intrusion Detection System Evaluations as Performed by Lincoln Laboratory,” ACM Transactions on Information and System Security (3:4), 2000, pp. 262-294.
12. NMAB. Configuration Management and Performance Verification of Explosives-Detection Systems, Publication NMAB-482-3, National Academy Press, Washington, DC, 1998.
13. Ortalo, R., Deswarte, Y,m and Kaaniche, M. “Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security,” IEEE Transactions on Software Engineering (25:5), 1999, pp. 633-650.
14. Sarkar, S., and Sriram, R. “Bayesian Models for Early Warnings of Bank Failures,” Management Science (47:11), 2001, pp. 1457-1475.
15. Shapiro, G. P., and Masand, B. “Estimating Campaign Benefits and Modeling Lift,” in Proceedings of KDD-99, ACM Press, New York, 1999, pp. 185-193.
16. Shapiro, G. P., and Steingold, S. “Measuring Lift Quality in Database Marketing,” SIGKDD Explorations (2:2), 2000, pp. 81-86.
17. Steingold, S., Wherry, R., and Shapiro, G. P. “Measuring Real-Time Predictive Models,” in Proceedings of IEEE International Conference on Data Mining, 2001, pp. 649-650.
18. Van Trees, H. Detection, Estimation and Modulation Theory-Part I. John Wiley, New York 2001.