Please use this identifier to cite or link to this item:
https://hdl.handle.net/20.500.11851/1885
Title: The Configuration and Detection Strategies for Information Security Systems
Authors: Öğüt, Hulisi
Keywords: Intrusion detection system; Base rate fallacy; Configuration policy
Source: Öğüt, H. (2013). The configuration and detection strategies for information security systems. Computers & Mathematics with Applications, 65(9), 1234-1253.
Abstract: Intrusion Detection Systems (IDSs) have become an important element of the Information Technology (IT) security architecture by identifying intrusions from both insiders and outsiders. However, security experts questioned the effectiveness of IDSs recently. The criticism known as Base Rate fallacy states that when IDS raises an alarm, the event is more likely to be benign rather than intrusive since the proportion of benign activity is significantly larger than that of intrusive activity in the user population. In response to too many false alarms, system security officers (SSO) either ignore alarm signals or turn off the IDS as the information provided by IDS is very skeptical. To alleviate this problem of IDSs, Ogut et al. (2008) [6] suggest that the firm may choose to wait to get additional signal and to make better decision about user type. One of the limitations of their model is that configuration point at which IDSs operate (the false negative and false positive rates) is exogenously given. However, the firm trying to minimize expected cost should also make a decision regarding the configuration level of IDSs since these probabilities are one of the determinants of future cost. Therefore, we extend Ogut et al. (2008) [6] by considering configuration and waiting time decisions jointly in this paper. We formulate the problem as dynamic programming model and illustrate the solution procedure for waiting time and configuration decision under optimal policy when cost of undetected hacker activity follows step wise function. As it is difficult to obtain waiting time and configuration decision under optimal policy, we illustrate the solution procedures for under myopic policy and focus on the characteristics of configuration decision under myopic policy. Our numerical analysis suggested that configuration decision is as important as waiting time decision to decrease the cost of operating IDS. © 2012 Elsevier Ltd. All rights reserved.
URI: https://doi.org/10.1016/j.camwa.2012.05.015
     https://hdl.handle.net/20.500.11851/1885
Appears in Collections:
- İşletme Bölümü / Department of Management
- Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection
- WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection
Scopus citations: 5 (checked on Dec 21, 2024)
Web of Science citations: 3 (checked on Nov 9, 2024)
Page views: 156 (checked on Dec 23, 2024)
Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.