The Value of Intrusion Detection Systems in Information Technology Security Architecture

Published Online: https://doi.org/10.1287/isre.1050.0041

References

  • Aguirre S. J., Hill W. H. Intrusion detection fly-off: Implications for the United States Navy. (1997). MITRE Technical Report MTR 97W096, McLean, VA
  • Allen J., Christie A., Fithen W., McHugh J., Pickel J., Stoner E. State of the practice of intrusion detection technologies. (2000). Technical Report CMU/SEI-99-TR-028 ESC-99-028, Pittsburgh, PA
  • Alpert B. As e-tailing booms on the net, so does the demand for virtual security. Barron’s (1999) 79(4):25
  • Amoroso E. Intrusion Detection (1999) (Intrusion.Net Books, NJ)
  • Axelsson S. The base-rate fallacy and the difficulty of intrusion detection. ACM Trans. Inform. System Security (2000) 3(3):186–205
  • Bace R., Mell P. NIST special publication on intrusion detection systems. (2001). SP-800-31. National Institute of Standards and Technology
  • Baiman S. Agency research in managerial accounting: A survey. J. Accounting Literature (1982) 1:154–213
  • Bashir I., Serafini E., Wall K. Securing network software applications: Introduction. Comm. ACM (2001) 44(2):28–30
  • Becker G. Crime and punishment: An economic approach. J. Political Econom. (1968) 76:169–217
  • CERT (Computer Emergency and Response Team). Detecting Signs of Intrusion (2000) (CERT Security Improvement Modules, Pittsburgh, PA)
  • Debar H., Dacier M., Wespi A., Lampart S. A Workbench for Intrusion Detection Systems (1998) (IBM Zurich Laboratory, Ruschlikon, Switzerland)
  • Denning D. E. An intrusion detection model. IEEE Trans. Software Engrg. (1987) 13(2):222–232
  • Denning D. E. Reflections on cyberweapons controls. Comput. Security J. (2000) 16(4):43–53
  • D’haeseleer P., Forrest S., Helman P. An immunological approach to change detection: Algorithms, analysis, and implications. Proc. IEEE Sympos. Security Privacy (1996) 110–119
  • Durst R., Champion T., Witten B., Miller E., Spagnuolo L. Testing and evaluating computer intrusion detection systems. Comm. ACM (1999) 42(7):53–61
  • Dye R. A. Optimal monitoring policies in agencies. RAND J. Econom. (1986) 17:339–350
  • Escamilla T. Intrusion Detection: Network Security Beyond the Firewall (1998) (John Wiley & Sons, New York)
  • Feichtinger G. A differential games solution to a model of competition between a thief and the police. Management Sci. (1983) 29:686–699
  • Fellingham J. C., Newman P. Strategic considerations in auditing. Accounting Rev. (1985) 60(4):634–650
  • Fisch E. A., White G. B. Secure Computer and Networks (2000) (CRC Press, Boca Raton, FL)
  • Frincke D., Evans J., Aucutt D. Hierarchical management of misuse reports. Proc. Internat. Conf. Comput. Inform. (1996) Ontario, Canada
  • Fudenberg D., Levine D. The Theory of Learning in Games (1998) (MIT Press, Cambridge, MA)
  • Fudenberg D., Tirole J. Game Theory (1993) (MIT Press, Cambridge, MA)
  • Gartner. Hype cycle for information security. (2003) May 30 (Stamford, CT). Gartner Research Report
  • Garvey T., Lunt T. Model-based intrusion detection. Proc. 14th National Comput. Security Conf. (1991) Washington, D.C.
  • Goodman M. D., Brenner S. W. The emerging consensus on criminal conduct in cyberspace. UCLA J. Law Tech. (2002) 3
  • Harsanyi J. C. Games with incomplete information played by Bayesian players, I: Basic model. Management Sci. (1967) 14(3):159–182
  • Harsanyi J. C. Games with incomplete information played by Bayesian players, II: Bayesian equilibrium points. Management Sci. (1968a) 14(5):320–334
  • Harsanyi J. C. Games with incomplete information played by Bayesian players, III: The basic probability distribution of the game. Management Sci. (1968b) 14(7):486–502
  • Hulme H. Businesses keep spending on security. Inform. Week (2002) January 28
  • Ilgun K. Ustat: A real-time intrusion detection system for Unix. (1992). Master’s thesis, Computer Science Department, University of California at Santa Barbara, CA
  • Internet Security Systems. The truth about false positives. (2001). Technical White Paper, Internet Security Systems, Atlanta, GA
  • Jajodia S., Miller J. Editor’s preface. J. Comput. Security (1993) 16(4):43–53
  • Kanodia C. S. Stochastic and moral hazard. J. Accounting Res. (1985) 23:175–193
  • Kilgour D. M. Site selection for on-site inspection in arms control. Arms Control (1992) 13(13):439–462
  • Koerner B. I. Who are hackers, anyway? U.S. News World Rep. (1999) 17(2):53
  • Kumar S., Spafford E. A pattern matching model for misuse intrusion detection. The COAST Project (1996) (Purdue University, West Lafayette, IN)
  • Lee W., Fan W., Miller M., Stolfo S., Zadok E. Toward cost-sensitive modeling for intrusion detection and response. J. Comput. Security (2002) 10(1/2):5–22
  • Lippmann R. P., Fried D. J., Graf I., Haines J. W., Kendall K. R., McClung D., Weber D., Webster S. E., Wyschogrod D., Cunningham R. K., Zissman M. A. Evaluating intrusion detection systems: The 1998 DARPA off-line intrusion detection evaluation. Proc. 2000 DARPA Inform. Survivability Conf. Exposition (2000a) 2:12–26 (DISCEX)
  • Lippmann R. P., Haines J. W., Fried D. J., Kobra J., Das K. The 1999 DARPA off-line intrusion detection evaluation. Comput. Networks (2000b) 34(2):579–595
  • Lunt T. Ides: An intelligent system for detecting intruders. Proc. Sympos.: Comput. Security, Threat Countermeasures (1990) Rome, Italy
  • Lunt T. A survey of intrusion detection systems. Comput. Security (1993) 12:405–418
  • Lunt T., Jagannathan R. A prototype real-time intrusion detection system. Proc. 1988 IEEE Sympos. Security Privacy (1988) Oakland, CA
  • Lunt T., Tamaru A., Gilham F., Jagannathan R., Jalali R. C., Javitz H., Valdos A., Neumann P., Garvey T. A real-time intrusion detection expert system. (1992). Technical report, Consumer Science Laboratory, SRI International, Menlo Park, CA
  • Maschler M. A price leadership method for solving the inspector’s non-constant-sum game. Naval Res. Logist. Quart. (1966) 13:11–33
  • Maschler M. The inspector’s non-constant-sum game: Its dependence on a system of detectors. Naval Res. Logist. Quart. (1967) 14:275–290
  • McCarthy L. Intranet Security (1998) (Sun Microsystems Press, Santa Clara, CA)
  • McHugh J. Testing intrusion detection systems: A critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory. ACM Trans. Inform. System Security (2000) 3(4):262–294
  • McHugh J., Christie A. C., Allen J. Defending yourself: The role of intrusion detection systems. IEEE Software (2000) 17(5):42–51
  • Mell P., Hu V., Lippmann R., Haines J., Zissman M. An Overview of Issues in Testing Intrusion Detection Systems (2002) (NIST IR 7007, Gaithersburg, MD)
  • Messmer E. Getting the drop on network intruders. Network World (1999) October 4
  • Mishra B. K., Newman P., Stinson C. Environmental regulations and incentives for compliance audits. J. Accounting Public Policy (1997) 16(2):187–214
  • Monrose F., Rubin A. Authentication via keystroke dynamics. 4th ACM Conf. Comput. Comm. Security (1997) Zurich, Switzerland
  • Mookherjee D., Png I. P. L. Monitoring vis-à-vis investigation in enforcement of law. Amer. Econom. Rev. (1992) 82(3):556–565
  • Mueller P., Shipley G. Dragon claws its way to the top. Network Comput. (2001) 20(August):45–67
  • National Computer Security Center. A Guide to Understanding Audit in Trusted Systems (1988) Version 2 (June), The Rainbow Series (NCSC-TG-001, Meade, MD)
  • Neumann P., Porras P. Experience with emerald to date. Proc. 1st USENIX Workshop Intrusion Detection Network Monitoring (1999) Santa Clara, CA:73–80
  • Newman P., Rhoades S., Smith R. Allocating audit resources to detect fraud. Rev. Accounting Stud. (1996) 1:161–182
  • NIST Publication 800-12. An Introduction to Computer Security (1996) (National Institute of Standards and Technology, Gaithersburg, MD)
  • Northcutt S. Evaluating intrusion detection systems without attacking your friends. Network Intrusion Detection (1999) 86
  • NSS Group. Intrusion Detection Systems Group Test (2001) Ed. 2 (December) (Oakwood House, Wennington, Cambridgeshire, UK)
  • Panko R. Corporate Computer and Network Security (2003) (Prentice Hall, NJ)
  • Peltier T. R. Information Security Risk Analysis (2001) (Auerbach Publications, Boca Raton, FL)
  • Polinsky A., Shavell S. The optimal trade-off between the probability and magnitude of fines. Amer. Econom. Rev. (1979) 69:880–891
  • Porras P., Kemmerer R. Penetration state transition analysis: A rule-based intrusion detection approach. IEEE 8th Annual Comput. Security Appl. Conf. (1992) San Antonio, TX:220–229
  • Porras P., Neumann P. Emerald: Event monitoring enabling responses to anomalous live disturbances. Proc. 20th Nat. Inform. Systems Security Conf. (1997) Baltimore, MD:353–365
  • Power R. CSI/FBI computer crime and security survey. Comput. Security Issues Trends (2002) 8(1):1–22
  • Proctor P. E. The Practical Intrusion Detection Handbook (2001) (Prentice Hall, NJ)
  • Ptacek T. H., Newsham T. N. Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection (1998) (Secure Networks Inc., Calgary, Alberta, Canada)
  • Puketza N., Chung M., Olsson R. O., Mukherjee B. A software platform for testing intrusion detection systems. IEEE Software (1997) 14(5):43–51
  • Rothke B. Hackers then and now: Answers to some perennial questions. Comput. Security J. (2000) 16(3):11–14
  • Russell D., Gangemi G. T. Computer Security Basics (1992) (O’Reilly & Associates, Inc., Sebastopol, CA)
  • Russell G. S. Game models for structuring monitoring and enforcement systems. Natural Resource Modeling (1990) 4:143–173
  • Sethi S. P. Optimal pilfering policies for dynamic continuous thieves. Management Sci. (1979) 25(6):535–542
  • Shavell S. Specific versus general enforcement of the law. J. Political Econom. (1991) 99:1088–1108
  • Shaw D. S., Post J. M., Ruby K. G. Inside the minds of the insider. Security Management (1999) (December):34–44
  • Shipley G. ISS RealSecure pushes past newer IDS players. Network Comput. (1999) May 17
  • Sriram T. Blocking virus requests in Novell bordermanager’s HTTP accelerator. (2002). Feature article, Novell Appnotes, Waltham, MA
  • Stigler G. The optimum enforcement of laws. J. Political Econom. (1970) 78:526–536
  • Thomas M. U., Nisgav Y. An infiltration game with time dependent payoff. Naval Res. Logist. Quart. (1976) 23:297–302
  • Trees H. V. Detection, Estimation and Modulation Theory—Part I (2001) (John Wiley, New York)
  • Tudor J. K. Information Security Architecture (2001) (Auerbach Publications, Boca Raton, FL)
  • Weissenberger S. Deterrence and the design of treaty verification systems. IEEE Trans. Systems, Man, Cybernetics (1992) 22:903–915
  • Yocom B., Brown K. Intrusion Battleground Evolves. Network World (2001) (October 8):53–62
  • Zamboni D., Spafford E. New directions for the AAPHID architecture. Workshop Recent Adv. Intrusion Detection (1999) (West Lafayette, IN)