Improving intrusion prevention models: Dual-threshold and dual-filter approaches

INFORMS Journal on Computing

Volumn 20, Issue 3, 2008, Pages 356-367

  Ryu, Young U ^a   Rhee, Hyeun Suk ^a  

^a UNIVERSITY OF TEXAS AT DALLAS   (United States)

Author keywords

Computer security; Decision analysis; Information systems: Management; Intrusion detection; Intrusion prevention; Systems

Indexed keywords

EID: 61349148588     PISSN: 10919856     EISSN: 15265528     Source Type: Journal    
DOI: 10.1287/ijoc.1070.0249     Document Type: Article

References (38)

1. Ahmed, S., Y. Guan. 2005. The inverse optimal value problem. Math. Programming 102(1) 91-110.
2. Al-Khayyal, F. A., J. E. Falk. 1983. Jointly constrained biconvex programming. Math. Oper. Res. 8(2) 273-286.
3. Anderson, R. 2001. Why information security is hard-An economic perspective. Proc. 17th Annual Comput. Security Appl. Conf., Neio Orleans, 358-365.
4. Arora, H., B. K. Mishra, T. S. Raghu. 2006. Autonomic-computing approach to secure knowledge management: A game-theoretic analysis. 7EEE Trans. Systems, Man, Cybernetics-Part A: Systems Humans 36(3) 487-497.
5. Ashley, B. K., G, L. Jackson, 1999. Information assurance through defense in depth. IAnewsletter 3(2) 3-7.
6. Axelsson, S. 2000. The base-rate fallacy and the difficulty of intrusion detection. ACM Trans. Inform. System Security 3(3) 186-205.
7. Bace, R. G. 2000. Intrusion Detection. Macmillan Technical Publishing, Indianapolis.
8. Bennett, K. P., O. L. Mangasarian. 1993. Bilinear separation of two sets in n-spacc. Computational Optim. Appl. 2(3) 207-227.
9. Cavusoglu, H., S. Raghunathan. 2004. Configuration of detection software: A comparison of decision and game theory approaches. Decision Anal. 1(3) 131-148.
10. Cavusoglu, H., B. Mishra, S. Raghunathan. 2005. The value of intrusion detection systems in information technology architecture. Inform. Systems Res. 16(1) 28-46.
11. Chen, P. M., B. D. Noble. 2001. When virtual is better than real. Proc. 8th Workshop on Hot Topics in Operating Systems, Elmau, Germany, IEEE CS Press, Los Alamitos, CA, 133-138.
12. Cohen, W. W. 1995. Fast effective rule induction. Proc. 12th Internal. Conf. Machine Learning. Tahoe City, CA, 115-123.
13. Denning, D. E. 1987. An intrusion-detection model. IEEE Trans. Software Engrg. 13(2) 222-232.
14. De Shon, M. 2002. Intrusion prevention versus intrusion detection. White paper, SecureWorks, Inc., Atlanta, http://www.netbankaudit.com/images/IPSvsIDS- White- Paper.pdf.
15. Endorf, C., E. Schultz, J. Mellander. 2004. Intrusion Detection & Prevention. McGraw-Hill/Osborne, Emeryville, CA.
16. Floudas, C. A., V. Visweswaran. 1995. Quadratic optimization. Handbook of Global Optimization. Kluwer, Dordrecht, The Netherlands, 217-269.
17. Gaffney, J. E., J. W. Ulvila. 2001. Evaluation of intrusion detectors: A decision theory approach. Proc. IEEE Sympos. Security Privacy, Oakland, CA, 50-61.
18. Konno, H. 1976. A cutting plane algorithm for solving bilinear programs. Math. Programming 11 14-27.
19. Lee, W., S. J. Stolfo. 1998. Data mining approaches for intrusion detection. Proc. 7th USENIX Security Sympos., San Antonio, TX, USENIX, Berkeley, CA, 79-94.
20. Lee, W., S. J. Stolfo, P. K. Chan. 1997. Learning patterns from UNIX process execution traces for intrusion detection. Proc. AAAI97 Workshop on AI Approaches to Fraud Detection and Risk Management, Providence, RI, Association for the Advancement of Artificial Intelligence, Menlo Park, CA, 50-56.
21. Lee, W., W. Fan, M. Miller, S. J. Stolfo, E. Zadok. 2002. Toward cost-sensitive modeling for intrusion detection and response. J. Comput. Security 10(1/2) 5-22.
22. Lippmann, R. P., R. K. Cunningham, D. J. Fried, I. Graf, K. R. Kendall, S. E. Webster, M. A. Zissman. 1999. Results of the
23. DARPA 1998 off-line intrusion detection evaluation. Proc. 2nd Internal. Workshop on the Recent Adv. Intrusion Detection (RAID 99), West Lafayette, IN, http://www.raid-symposium.org/raid99/PAPERS/Lippmann-DARPA.pdf.
24. McHugh, J., A. Christie, J. Allen. 2000. Defending yourself: The role of intrusion detection systems. 7EEE Software 17(5) 42-51.
25. Michie, D., D. J. Spiegelhalter, C. C. Tayor, eds. 1994. Machine Learning, Neural and Statistical Classification. Ellis Horwood, London.
26. Nitro Data Systems, Inc. 2004. Intrusion prevention. White paper, Nitro Data Systems, Inc., Portsmouth, NH, http://www.securitytechnet.com/resource/ security/ids/NGDB.pdf.
27. Okena, Inc. 2003. A new approach to intrusion detection: Intrusion prevention. White paper, Okena, Inc. (Cisco, Inc.), San Jose, CA, http://www.securitytechnet.com/resource/security/ids/IDSWhitePaper.pdf.
28. Parker, D. B. 1983. Fighting Computer Crime. Charles Scribner's Sons, New York.
29. Paulson, L. D. 2002. Stopping intruders outside the gates. Computer 35(11) 20-22.
30. Piscitello, D. 2002. Intrusion detection⋯ or prevention? Bus. Comm. Rev. 42-45.
31. Robb, D. 2005. Erecting barriers. Computer-world 39(12) 42-44.
32. Ross, R., S. Katzke, A. Johnson, M. Swanson, G. Stoneburner, G. Rogers, A. Lee. 2005. Recommended security controls for federal information systems. Special Publication 800-53, National Institute of Standards and Technology (NIST), Technology Administration, U.S. Department of Commerce, Washington, D.C.
33. Sequeira, D. 2003. Intrusion prevention systems: Security's silver bullet? Bus. Comm. Rev. 33 36-41.
34. Stolfo, S. J., W. Lee, P. K. Chan, W. Fan, E. Eskin. 2001. Data mining- based intrusion detectors: An overview of the Columbia IDS project. SIGMOD Record 30(4) 5-14.
35. Ulvila, J. W., J. E. Gaffney. 2004. A decision analysis method for evaluating computer intrusion detection systems. Decision Anal. 1(1) 35-50.
36. U.S. Joint Chiefs of Staff. 2000. Information assurance through defense in depth. Special publication, U.S. Government Printing Office, Washington, D.C.
37. Walder, B. 2004. Intrusion prevention systems (IPS). White paper, The NSS Group, Ltd., Des Plaines, IL, http://www.nss.co.uk/WhitePapers/intrusion- prevention-systems.htm.
38. Warrender, C., S. Forrest, B. Pearlmutter. 1999. Detecting intrusions using system calls: Alternative data models. Proc. 1999 IEEE Sympos. Security Privacy, Oakland, CA, 133-145.