Problem areas in computer security assessment

Glaseman, S.; Türn, Rein; Gaines, R. Stockton

doi:10.1145/1499402.1499425

Cited by 11 publications

(5 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The issues involved in the measurement of cost factors have been studied by the computer risk analysis and security assessment communities. The literature suggests that attempts to fully quantify all factors involved in cost modeling usually generate misleading results because not all factors can be reduced to discrete dollars (or some other common unit of measurement) and probabilities [3,6,9,10,13]. It is recommended that qualitative analysis be used to measure the relative magnitudes of cost factors.…”

Section: Cost Factors and Metricsmentioning

confidence: 99%

Toward cost-sensitive modeling for intrusion detection and response

Lee

Fan²,

Miller

et al. 2002

JCS

218

151

View full text Add to dashboard Cite

Intrusion detection systems (IDSs) must maximize the realization of security goals while minimizing costs. In this paper, we study the problem of building cost-sensitive intrusion detection models. We examine the major cost factors associated with an IDS, which include development cost, operational cost, damage cost due to successful intrusions, and the cost of manual and automated response to intrusions.These cost factors can be qualified according to a defined attack taxonomy and site-specific security policies and priorities. We define cost models to formulate the total expected cost of an IDS, and present cost-sensitive machine learning techniques that can produce detection models that are optimized for user-defined cost metrics. Empirical experiments show that our cost-sensitive modeling and deployment techniques are effective in reducing the overall cost of intrusion detection.

show abstract

Section: Cost Factors and Metricsmentioning

confidence: 99%

Toward cost-sensitive modeling for intrusion detection and response

Lee

Fan²,

Miller

et al. 2002

JCS

218

151

View full text Add to dashboard Cite

show abstract

“…50 They concluded, "we prefer to leave it as an open question whether or not a quantitative assessment methodology can ever be developed." 50 Indeed, risk assessors did not even agree on terminology. At the 1978 workshop, a session on managerial and organizational vulnerabilities and controls noted, Efforts of this group were hampered in the identification of vulnerabilities and controls by a lack of adequate definition of critical terminology such as threats, vulnerabilities, risk, risk analysis, and risk assessment.…”

Section: Inadequate Modelsmentioning

confidence: 99%

“…50 Such models were useless because they "assume that we are able to supply values for the parameters of the model which, in fact, we are not able to supply." 50 By contrast, Courtney, who spoke immediately prior to the RAND researchers at the 1977 National Computer Security Conference, acknowledged that precise data was not available but insisted that order of magnitude estimates were usually sufficient. 46 Some researchers sought to make uncertainties more explicit in computer security risk assessment.…”

Section: Inadequate Modelsmentioning

confidence: 99%

Measuring Risk: Computer Security Metrics, Automation, and Learning

Slayton

2015

IEEE Annals Hist. Comput.

View full text Add to dashboard Cite

Risk management is widely seen as the basis for cybersecurity in contemporary organizations. Risk management aims to minimize the combined cost of security breaches and measures to prevent breaches. This article analyzes debate over computer security risk assessment in the 1970s and 1980s, arguing that the most valuable part of risk management-learning-is also one of its most neglected aspects.The Cybersecurity Framework shall provide a prioritized, flexible, repeatable, performancebased, and cost-effective approach, including information security measures and controls, to help owners and operators of critical infrastructure identify, assess, and manage cyber risk. 1

show abstract

“…The issues involved in the measurement of cost factors have been studied by the computer risk analysis and security assessment communities. The literature suggests that attempts to fully quantify all factors involved in cost modeling usually generate misleading results because not all factors can be reduced to discrete dollars (or some other common unit of measurement) and probabilities [18,19,20,21,22]. It is recommended that qualitative analysis be used to measure the relative magnitudes of cost factors.…”

Section: Cost Factors and Metricsmentioning

confidence: 99%

A Data Mining approach for building cost-sensitive and light intrusion detection models

RALEIGH¹

2004

View full text Add to dashboard Cite

Problem areas in computer security assessment

Cited by 11 publications

References 6 publications

Toward cost-sensitive modeling for intrusion detection and response

Toward cost-sensitive modeling for intrusion detection and response

Measuring Risk: Computer Security Metrics, Automation, and Learning

A Data Mining approach for building cost-sensitive and light intrusion detection models

Contact Info

Product

Resources

About