The challenges of using an intrusion detection system

Werlinger, Rodrigo; Hawkey, Kirstie; Müldner, Kasia; Jaferian, Pooya; Beznosov, Konstantin

doi:10.1145/1408664.1408679

Cited by 42 publications

(33 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Coping with the existing tools and their lack of usability: Current technical tools suffer from a high number of false positives, the need for precise information that is rarely documented, and a lack of usability (Werlinger, 2010(Werlinger, , 2008Metzger et al, 2011).…”

Section: Information Security Incident Managementmentioning

confidence: 99%

Examining the suitability of industrial safety management approaches for information security incident management

Line

Albrechtsen

2016

Information &Amp; Computer Security

View full text Add to dashboard Cite

Purpose This paper discusses whether recent theoretical and practical approaches within industrial safety management might be applicable to, and solve challenges experienced in, the field of information security, specifically related to incident management.Design/methodology/approach Literature review. FindingsPrinciples, research, and experiences on the issues of plans, training, and learning in the context of industrial safety management would be suitable for adoption into the field of information security incident management and aid in addressing current challenges. Research limitations/implications (if applicable)There are a number of reasons why approaches from industrial safety management have something to offer to information security incident management: the former field is more mature and has longer traditions, there is more organizational research on industrial safety issues than on information security issues so far, individual awareness is higher for industrial safety risks, and worker participation in systematic industrial safety work is ensured by law. More organizational research on information security issues and continuous strengthening of individual security awareness would push information security to further maturity levels where current challenges are solved. Practical implications (if applicable)This paper shows that the field of information security incident management would gain from closer collaborations with industrial safety management, both in research and in practical loss prevention in organizations. The ideas discussed in this paper form a basis for further research on practical implementations and case studies. Originality/valueThe main audience of this paper includes information security researchers and practitioners, as they will find inspirational theories and experiences to bring into their daily work and future projects.

show abstract

Section: Information Security Incident Managementmentioning

confidence: 99%

Examining the suitability of industrial safety management approaches for information security incident management

Line

Albrechtsen

2016

Information &Amp; Computer Security

View full text Add to dashboard Cite

show abstract

“…Anomaly based IDS could detect unknown attacks that do not conform to the normal behaviour. However, an anomaly based IDS has a high level of false alarms due to uncertainty associated with their detection decisions [Werlinger 2008] [Gates 2006]. Therefore, a hybrid architecture for Home-IPS is proposed that combines both advantages of signature based and anomaly based IDSs.…”

Section: Home-ips Framework Architecturementioning

confidence: 99%

Cyber Security and Information Protection in a Smart Grid Environment

Liu

Shosha

et al. 2011

IFAC Proceedings Volumes

View full text Add to dashboard Cite

“…Make configuration manageable [3,20] Support rehearsal and planning [3,6,7,20,44] Make configuration easy to change [20,46] Provide meaningful errors [20,34,46] Specificity Figure 1: Framework of design guidelines for IT security management tools well supported by available tools [8,26]. As one of our participants illustrated: "So the vendors themselves are looking at things in isolation instead of looking at it as a whole thing that needs to be addressed" (P33).…”

Section: Configuration and Deployment Guidelinesmentioning

confidence: 99%

“…To realize this, tools should provide commented configuration files and/or group related parameters together in high-level profiles [20], so that a change in the profile would change all related parameters automatically. Also, tools should provide a quick tuning option that allows batch configuration of parameters [46].…”

Section: Make Configuration Easy To Changementioning

confidence: 99%

Guidelines for designing IT security management tools

Jaferian

Botta

Raja

et al. 2008

Proceedings of the 2nd ACM Symposium on Computer Human Interaction for Management of Information Technology

Self Cite

View full text Add to dashboard Cite

An important factor that impacts the effectiveness of security systems within an organization is the usability of security management tools. In this paper, we present a survey of design guidelines for such tools. We gathered guidelines and recommendations related to IT security management tools from the literature as well as from our own prior studies of IT security management. We categorized and combined these into a set of high level guidelines and identified the relationships between the guidelines and challenges in IT security management. We also illustrated the need for the guidelines, where possible, with quotes from additional interviews with five security practitioners. Our framework of guidelines can be used by those developing IT security tools, as well as by practitioners and managers evaluating tools.

show abstract

The challenges of using an intrusion detection system

Cited by 42 publications

References 25 publications

Examining the suitability of industrial safety management approaches for information security incident management

Examining the suitability of industrial safety management approaches for information security incident management

Cyber Security and Information Protection in a Smart Grid Environment

Guidelines for designing IT security management tools

Contact Info

Product

Resources

About