The management of intrusion detection: Configuration, inspection, and investment

European Journal of Operational Research

Volumn 195, Issue 1, 2009, Pages 186-204

  Çakanyildirim, Metin ^a   Yue, Wei T ^a   Ryu, Young U ^a  

^a UNIVERSITY OF TEXAS AT DALLAS   (United States)

Author keywords

Cost and benefit analysis; Decision analysis; Decision support systems; Dynamic programming

Indexed keywords

ADMINISTRATIVE DATA PROCESSING; ALARM SYSTEMS; ARTIFICIAL INTELLIGENCE; BUDGET CONTROL; COMPUTER CRIME; COST FUNCTIONS; COSTS; DAMAGE DETECTION; DECISION MAKING; DECISION SUPPORT SYSTEMS; DECISION THEORY; EARNINGS; INFORMATION RETRIEVAL SYSTEMS; INTRUSION DETECTION; INVESTMENTS; MANAGEMENT INFORMATION SYSTEMS; PROBABILITY DENSITY FUNCTION; SECURITY OF DATA; SYSTEMS ENGINEERING; WIRELESS LOCAL AREA NETWORKS (WLAN); WIRELESS TELECOMMUNICATION SYSTEMS;

COST AND BENEFIT ANALYSIS; CRITICAL DECISIONS; DECISION ANALYSIS; FALSE ALARM RATES; INTERNAL RATE OF RETURNS; INTRUSION COSTS; INTRUSION DETECTION SYSTEMS; NUMERICAL EXAMPLES; OCCURRENCE PROBABILITIES; OPTIMIZATION MODELS; RATE OF INCREASES; SECURITY INVESTMENTS;

COST BENEFIT ANALYSIS;

EID: 55949086356     PISSN: 03772217     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.ejor.2008.01.034     Document Type: Article

References (19)

1. Axelsson S. The base-rate fallacy and the difficulty of intrusion detection. ACM Transactions on Information and System Security 3 3 (2000) 186-205
2. Bace R. Intrusion Detection (2000), Macmillan Technical Publishing, Indianapolis, IN
3. Briney, A. 2001. 2001 industry survey. Information Security Magazine, October, 34-46.
4. Cavusoglu H., Mishra B., and Raghunathan S. The value of intrusion detection systems (idss) in information technology security architecture. Information Systems Research 16 (2005) 28-47
5. Cavusoglu H., and Raghunathan S. Configuration of detection software: A comparison of decision and game theory approaches. Decision Analysis 1 3 (2004) 131-148
6. Ernst & Young 2003. Global information security survey 2003. White paper, Ernst & Young LLP.
7. Fessi B.A., Hamdi M., Benabdallah S., and Boudriga N. A decisional framework system for computer network intrusion detection. European Journal of Operational Research 177 3 (2007) 1824-1838
8. Gordon L.A., and Loeb M.P. The economics of information security investment. ACM Transactions on Information and System Security 5 4 (2002) 438-457
9. Gordon, L.A., Loeb, M.P., Lucyshyn, W., 2005. 2005 CSI/FBI computer crime and security survey. White paper, Computer Security Institute.
10. Iheagwara C. The effect of intrusion detection management methods on the return on investment. Computers and Security 23 3 (2004) 213-228
11. Julisch K. Clustering intrusion detection alarms to support root cause analysis. ACM Transactions on Information and System Security 6 4 (2003) 443-471
12. Koziol J. Intrusion Detection with Snort (2003), Sams Publishing, Indianapolis, IN
13. Lee W., and Stolfo S.J. A framework for constructing features and models for intrusion detection systems. ACM Transactions on Information and System Security 3 4 (2000) 227-261
14. Mandia K., and Prosise C. Incident Response: Investigating Computer Crime (2001), Osborne/McGraw-Hill, Berkeley, CA
15. Metz C.E. Basic principles of ROC analysis. Seminars in Nuclear Medicine 8 4 (1978) 283-298
16. PriceWaterhouseCoopers, 2004. Information security breaches survey 2004. Technical Report, Department of Trade and Industry (DTI), United Kingdom.
17. Stein T. Security gets top-level attention. Optimize (2003) 23
18. Ulvila J.W., and Gaffney Jr. J.E. A decision analysis method for evaluating computer intrusion detection systems. Decision Analysis 1 1 (2004) 39-54
19. Zweig M.H., and Campbell G. Receiver-operating characteristic (ROC) plots: A fundamental evaluation tool in clinical medicine. Clinical Chemistry 39 (1993) 561-577