Intrusion prevention in information systems: Reactive and proactive responses

Journal of Management Information Systems

Volumn 24, Issue 1, 2007, Pages 329-353

  Yue, Wei T ^a   Çakanyildirim, Metin ^a  

^a UNIVERSITY OF TEXAS AT DALLAS   (United States)

Author keywords

Information security; Intrusion detection; Intrusion prevention; Intrusion response

Indexed keywords

INFORMATION MANAGEMENT; INTRUSION DETECTION; OPTIMAL CONTROL SYSTEMS; SECURITY SYSTEMS; STRATEGIC PLANNING;

INTRUSION PREVENTION; INTRUSION RESPONSE;

INFORMATION SYSTEMS;

EID: 38349147070     PISSN: 07421222     EISSN: None     Source Type: Journal    
DOI: 10.2753/MIS0742-1222240110     Document Type: Article

References (37)

1. Amoroso, E.G. Intrusion Detection: An Introduction to Internet Surveillance, Correlation, Trace Back, Traps, and Response. Sparta, NJ: Intrusion.Net Books, 1999.
2. Axelsson, S. The base-rate fallacy and the difficulty of intrusion detection. ACM Transactions on Information and System Security, 3, 3 (2000), 186-205.
3. Bace, R., and Mell, P. NIST special publication on intrusion detection systems. White Paper, United States Department of Commerce, Gaithersburg, MD, 2001 (available at http://csrc.nist.gov/publications/ nistpubs/800-31/sp800-31.pdf).
4. Balepin, I.; Maltsev, S.; Rowe, J.; and Levitt, K. Using specification-based intrusion detection for automated response. In G. Vigna, E. Jonsson, and C. Krugel (eds.), Proceedings of the Sixth International Symposium on Recent Advances in Intrusion Detection (RAID 2003). Berlin: Springer, 2003, pp. 136-154.
5. Carver, C.A., Jr., and Pooch, U.W. An intrusion response taxonomy and its role in automatic intrusion response. In Proceedings of the 2000 IEEE Workshop on Information Assurance and Security. Los Alamitos, CA: IEEE Computer Society, 2000, pp. 129-135.
6. Cavusoglu, H.; Mishra, B.; and Raghunathan, S. The value of intrusion detection systems (IDSs) in information technology security architecture. Information Systems Research, 16, 1 (2005), 28-46.
7. Cavusoglu, H., and Raghunathan, S. Configuration of detection software: A comparison of decision and game theory approaches. Decision Analysis, 1, 3 (2004), 131-148.
8. Clemons, E.K., and Hitt, L.M. Poaching and the misappropriation of information: Transaction risks of information exchange. Journal of Management Information Systems, 21, 2 (Fall 2004), 87-107.
9. De, P., and Hsu, C. Adaptive information systems control: A reliability-based approach. Journal of Management Information Systems, 3, 2 (Fall 1986), 33-51.
10. El Sawy, O.A., and Nanus, B. Toward the design of robust information systems. Journal of Management Information Systems, 5, 4 (Spring 1999), 33-54.
11. Endorf, C.; Schultz, E.; and Mellander, J. Intrusion Detection & Prevention. Emeryville, CA: Osborne/McGraw-Hill, 2004.
12. Fisch, E.A. Intrusion damage control and assessment: A taxonomy and implementation of automated responses to intrusive behavior. Ph.D. dissertation, Computer Science, Texas A&M University, College Station, 1996.
13. Gordon, L.A.; Loeb, M.P.; Lucyshyn, W.; and Richardson, R. 2005 CSI/FBI computer crime and security survey. White Paper, Computer Security Institute, San Francisco, CA, 2005.
14. Han, K.; Kauffman, R.J.; and Nault, B.R. Information exploitation and interorganizational systems ownership. Journal of Management Information Systems, 21, 2 (Fall 2004), 109-135.
15. Janice, C., and Gaimon, C. Improving manufacturing performance through process change and knowledge creation. Management Science, 46, 2 (2000), 265-288.
16. Julisch, K. Clustering intrusion detection alarms to support root cause analysis. ACM Transactions on Information and System Security, 6, 4 (2003), 443-471.
17. Lippmann, R.P.; Fried, D.J.; Graf, I.; Haines, J.W.; Kendall, K.R.; McClung, D.; Weber, D.; Webster, S.E.; Wyschogrod, D.; Cunningham, R.K.; and Zissman, M.A. Evaluating intrusion detection systems: The 1998 DARPA off-line intrusion detection evaluation. In DARPA Information Survivability Conference and Exposition, 2000 (DISCEX '00), vol. 2. Los Alamitos, CA: IEEE Computer Society, 2000, pp. 12-26.
18. Metz, C.E. Basic principles of ROC analysis. Seminars in Nuclear Medicine, 8, 4 (1978), 283-298.
19. Michael, C.C., and Ghosh, A. Simple, state-based approaches to program-based anomaly detection. ACM Transactions on Information and System Security, 5, 3 (2002), 203-237.
20. Ning, P.; Cui, Y.; Reeves, D.S.; and Xu, D. Techniques and tools for analyzing intrusion alerts. ACM Transactions on Information and System Security, 7, 2 (2004), 274-318.
21. Petkac, M., and Badger, L. Security agility in response to intrusion detection. In Proceedings of the Sixteenth Annual Computer Security Applications Conference. Los Alamitos, CA: IEEE Computer Society, 2000, pp. 11-20.
22. Provos, N. A virtual honeypot framework. In Proceedings of the Thirteenth (USENIX) Security Symposium. San Diego: USENIX Association, 2004, pp. 11-20.
23. Rainer, R.K.; Snyder, C.A.; and Carr, H.H. Risk analysis for information technology. Journal of Management Information Systems, 8, 1 (Summer 1991), 129-148.
24. Richardson, R. 2003 CSI/FBI computer crime and security survey. White Paper, Computer Security Institute, San Francisco, 2003.
25. Rowe, N.C.; Michael, M.; Auguston, J.B.; and Riehle, R. Software decoys for software counterintelligence. IAnewsletter, 5, 1 (2002), 10-12.
26. Schnackenberg, D.; Djahandari, K.; and Sterne, D. Infrastructrure for intrusion detection and response. In DARPA Information Survivability Conference and Exposition, 2000 (DISCEX '00), vol. 2. Los Alamitos, CA: IEEE Computer Society, 2000, pp. 3-11.
27. Sethi, S.P., and Thompson, G.L. Optimal Control Theory: Applications to Management Science and Economics. Norwell, MA: Kluwer Academic, 2000.
28. Sia, S.K., and Neo, B.S. Reengineering effectiveness and the redesign of organizational control: A case study of the inland revenue authority of Singapore. Journal of Management Information Systems, 14, 1 (Summer 1997), 69-92.
29. Sinha, A.P., and May, J.H. Evaluating and tuning predictive data mining models using receiver operating characteristic curves. Journal of Management Information Systems, 21, 3 (Winter 2004-5), 249-280.
30. Sun, L.; Srivastava, R.P.; and Mock, T.J. An information systems security risk assessment model under the Dempster-Shafer theory of belief functions. Journal of Management Information Systems, 22, 4 (Spring 2006), 109-142.
31. Swanson, M.; Bartol, N.; Sabato, J.; Hash, J.; and Graffo, L. Security metrics guide for information technology systems. SP 800-55, NIST. White Paper, United States Department of Commerce, Gaithersburg, MD, 2003 (available at http://csrc.nist.gov/publications/nistpubsl),
32. Swets, J.A. Measuring the accuracy of diagnostic systems. Science, 240, 4857 (June 1988) 1285-1293.
33. Toth, T., and Kruegel, C. Evaluating the impact of automated intrusion response mechanisms. In Proceedings of the Eighteenth Annual Computer Security Applications Conference. Los Alamitos, CA: IEEE Computer Society, 2002, pp. 301-310.
34. Ulvila, J.W., and Gaffney, J.E., Jr. A decision analysis method for evaluating computer intrusion detection systems. Decision Analysis, 1, 1 (2004), 35-50.
35. Weiler, N. Honeypots for distributed denial of service attacks. In Eleventh IEEE WET ICE Workshop on Enterprise Security (WETICE'02). Los Alamitos, CA: IEEE Computer Society, 2002, pp. 9-14.
36. Widyantoro, D.H., and Yen, J. Relevant data expansion for learning concept drift from sparsely labeled data. IEEE Transactions on Knowledge and Data Engineering, 17, 3 (2005), 401-412.
37. Ye, N.; Emran, S.M.; Chen, Q.; and Vilbert, S. Multivariate statistical analysis of audit trails for host-based intrusion detection. IEEE Transactions on Computers, 51, 7 (2002), 810-820.