Intrusion-detection policies for IT security breaches

INFORMS Journal on Computing

Volumn 20, Issue 1, 2008, Pages 112-123

  Ogut, Hulisi ^a   Cavusoglu, Huseyin ^b   Raghunathan, Srinivasan ^b  

^a TOBB UNIVERSITY OF ECONOMICS AND TECHNOLOGY   (Turkey)

^b UNIVERSITY OF TEXAS AT DALLAS   (United States)

Author keywords

Decision analysis; Dynamic programming; IT security; Stochastic model applications

Indexed keywords

EID: 61349169100     PISSN: 10919856     EISSN: 15265528     Source Type: Journal    
DOI: 10.1287/ijoc.1070.0222     Document Type: Article

References (32)

1. Aguirre, S. J., W. H. Hill. 1997. Intrusion detection fly-off: Implications for the United States Navy. MITRE Technical Report MTR 97W096, MITRE, McLean, VA.
2. Axellson, S. 2000. The base-rate fallacy and the difficulty of intrusion detection. ACM Trans. Inform. System Security 3 186-205.
3. Cavusoglu, H., S. Raghunathan. 2004. Configuration of detection software: A comparison of decision and game theory approaches. Decision Anal. 1 131-148.
4. Cavusoglu, H., B. Mishra, S. Raghunathan. 2004. The effect of internet security breach announcements on market value: Capital market reaction for breached firms and internet security developers. Intermit. J Electronic Commerce 9 69-105.
5. Cavusoglu, H., B. Mishra, S. Raghunathan. 2005. The value of intrusion detection systems (IDSs) in information technology (IT) security. Inform. Systems Res. 16 28-46.
6. Denning, D. E, 1987, An intrusion detection model. IEEE Trans. Software Engrg. 13 222-232.
7. D'haeseleer, P., S. Forrest, P. Helman. 1996. An immunological approach to change detection: Algorithms, analysis, and implications. IEEE Sympos. Security and Privacy. IEEE Press, New York.
8. Diamond, H. 1982. Minimax policies for unobscrvable inspections. Math. Oper. Res. 7 139-153.
9. Durst, R., T. Champion, B. Witten, E. Miller, L. Spagnuolo. 1999. Testing and evaluating computer intrusion detection systems. Comm. ACM 42 53-61.
10. Escamilla, T. 1998. Intrusion Detection: Network Security Beyond the Firewall. John Wiley and Sons, New York.
11. Gartner. 2003. Hype cycle for information security. Gartner Research Report, Gartner, Stamford, CT.
12. Gordon, L. A., M. P. Loeb. 2001. Using information security as a response to competitor analysis systems. Comm. ACM 44 70-75.
13. Honeynet Project. 2004. Know Your Enemy: Learning about Security Threats. Addison-Wesley, Boston.
14. Iheagwara, C. 2004. The effect of intrusion detection management methods on the return on investment. Comput. Security 23 213-228.
15. Jonsson, E., T. Olovsson. 1997. A quantitative model of the security intrusion process based on attacker behavior. IEEE Trans. Software Engrg. 23 235-245.
16. Kumar, S., E. Spafford. 1996. A pattern matching model for misuse intrusion detection. The COAST Project. Purdue University, West Lafayette, IN.
17. Lee, W, W. Fan, M. Miller, S. Stolfo, E. Zadok. 2001. Toward cost-sensitive modeling for intrusion detection and response. J. Comput. Security 10 5-22.
18. Lippmann, R. P., D. J. Fried, I. Graf, J. W. Haines, K. R. Kendall, D. McClung, S. E. Weber, D. Webster, R. K. Wyschogrod, R. K. Cunningham, M. A. Zissman. 2000. Evaluating intrusion detection systems: The 1998 DARPA off-line intrusion detection evaluation. Proc. 2000 DARPA Inform. Survivability Conf. Exposition, IEEE Press, Los Alamitos, CA, 12-26.
19. Lunt, T. 1993, A survey of intrusion detection systems. Comput. Security 12 405-418.
20. Moitra, S., S. Konda. 2000. A simulation model for managing survivability of networked information systems. Technical Report, Carnegie Mellon Software Engineering Institute, Carnegie Mellon University, Pittsburgh.
21. Neumann, P., P. Porras. 1999. Experience with emerald to date. Proc. First USENIX Workslwp on Intrusion Detection and Network Monitoring, Santa Clara, CA, 73-80.
22. NSS Group. 2001. Intrusion Detection Systems Group Test, 2nd ed. Oakwood House, Wennington, Cambridgeshire, UK.
23. Ozekici, S., S. Pliska. 1991. Optimal scheduling of inspections: A delayed Markov model with false positives and negatives. Oper. Res. 39 261-273.
24. Porras, P., R. Kemmerer. 1992. Penetration state transition analysis: A rule based intrusion detection approach. IEEE Eighth Annual Comput. Security Appl. Conf., IEEE Press, Los Alamitos, CA, 220-229.
25. Porras, P., P. Neumann. 1997. Emerald: Event monitoring enabling responses to anomalous live disturbances. Proc. 20th National Inform. Systems Security Conf., National Institute of Standards and Technology, Baltimore, 353-365.
26. Puketza, N., M. Chung, R. O. Olsson, B. Mukherjee. 1997. A software platform for testing intrusion detection systems. IEEE Software 14 43-51.
27. Ross, S. 1983. Introduction to Stochastic Dynamic Programming. Academic Press, New York.
28. Russell, D., G. T. Gangemi. 1992. Computer Security Basics. O'Reilly amp; Associates, Inc., Sebastopol, CA.
29. Shipley, G. 1999. ISS realsecure pushes past newer IDS players. Network Comput. 10 95-111.
30. Spitzner, L. 2002. Honeypots: Tracking Hackers. Addison-Wesley, Boston.
31. Ulvila, J., J. Gaffney. 2004. A decision analysis method for evaluating computer intrusion detection systems. Decision Anal. 1 35-50.
32. Zamboni, D., E. Spafford. 1999. New directions for the AAPHID architecture. Recent Advances in Intrusion Detection. Purdue University, West Lafayette, IN.