Configuration of and Interaction Between Information Security Technologies: The Case of Firewalls and Intrusion Detection Systems

References

• Allen J., Ford G., Fraser B., Kochmar J., Konda S., Simmel D., Cunningham L. Security for information technology service contracts. (1998) . SEI Security Improvement Modules CMU/SEI-SIM-003, Software Engineering Institute, PittsburghGoogle Scholar
• August T., Tunca T. I. Network software security and user incentives. Management Sci. (2006) 52(11):1703–1720Link, Google Scholar
• August T., Tunca T. I. Let the pirates patch? An economic analysis of network software security patch restrictions. Inform. Systems Res. (2008) 19(1):48–70Link, Google Scholar
• Axelsson S. The base-rate fallacy and the difficulty of intrusion detection. ACM Trans. Inform. System Security (2000) 3(3):186–205Crossref, Google Scholar
• Campbell P., Calvert B., Boswell S.Security + Guide to Network Security Fundamentals (2003) (Course Technology, Boston) Google Scholar
• Cavusoglu H. The economics of IT security. (2003) . Ph.D. thesis, University of Texas at Dallas, RichardsonGoogle Scholar
• Cavusoglu H., Raghunathan S. Configuration of detection software: A comparison of decision and game theory approaches. INFORMS Decision Anal. (2004) 1(3):131–148Link, Google Scholar
• Cavusoglu H., Cavusoglu H., Raghunathan S. Efficiency of vulnerability disclosure mechanisms to disseminate vulnerability knowledge. IEEE Trans. Software Engrg. (2007) 33(3):171–185Crossref, Google Scholar
• Cavusoglu H., Cavusoglu H., Zhang J. Security patch management: Share the burden or share the damage? Management Sci. (2008) 54(4):657–670Link, Google Scholar
• Cavusoglu H., Mishra B., Raghunathan S. The value of intrusion detection systems (IDSs) in information technology security. Inform. Systems Res. (2005) 16(1):28–46Link, Google Scholar
• Cavusoglu H., Raghunathan S., Cavusoglu H. How do security technologies interact with each other to create value? The analysis of firewall and intrusion detection system. (2005) Workshop on Information Systems and EconomicsIrvine, CAGoogle Scholar
• Christensen P. O., Feltham G.Economics of Accounting—Performance Evaluation (2005) 2(Springer, New York) Springer Series in Accounting ScholarshipGoogle Scholar
• Ciampa M.Security + Guide to Network Security Fundamentals (2005) (Course Technology, Boston) Google Scholar
• Cremonini M., Nizovtsev D. Understanding and influencing attackers' decisions: Implications for security investment strategies. (2006) Workshop on the Economics of Information SecurityCambridge, UKGoogle Scholar
• D'haeseleer P., Forrest S., Helman P. An immunological approach to change detection: Algorithms, analysis, and implications. Proc. IEEE Sympos. Security Privacy (1996) Oakland, CA:110–119Crossref, Google Scholar
• Durst R., Champion T., Witten B., Miller E., Spannuolo L. Testing and evaluating computer intrusion detection systems. Comm. ACM (1999) 42(7):53–61Crossref, Google Scholar
• Gal-Or E., Ghose A. The economic incentives for sharing security information. Inform. Systems Res. (2005) 16(2):186–208Link, Google Scholar
• GartnerHype Cycle for Information Security (2003) . Gartner Research Report (May 30)Google Scholar
• Garvey T., Lunt T. Model-based intrusion detection. Proc. 14th National Comput. Security Conf. (1991) Washington, DC:372–385Google Scholar
• Gordon L., Loeb M., Lucyshyn W. Sharing information on computer systems security: An economic analysis. J. Acc. Public Policy (2003) 22(6):461–485Crossref, Google Scholar
• Gouda M. G., Liu X.-Y. A. Firewall design: Consistency, completeness, and compactness. 24th Internat. Conf. Distributed Comput. Systems (2004) Tokyo:320–327Crossref, Google Scholar
• Holden G.Guide to Firewalls and Network Security (2004) (Course Technology, Boston) Google Scholar
• Ilgun K. Ustat: A real-time intrusion detection system for Unix. (1992) . Master's thesis, Computer Science Department, University of California at Santa BarbaraGoogle Scholar
• Kumar S., Spafford E. A pattern matching model for misuse intrusion detection. The COAST Project (1996) (Purdue University, West Lafayette, IN) Google Scholar
• Lippmann R. P., Haines J. W., Fried D. J., Graf I., Kobra J., Das K. The 1999 DARPA off-line intrusion detection evaluation. Comput. Networks (2000) 34(2):579–595Crossref, Google Scholar
• Lunt T. Ides: An intelligent system for detecting intruders. Proc. Sympos.: Comput. Security, Threat Countermeasures (1990) Rome:110–121Google Scholar
• Lunt T. A survey of intrusion detection techniques. Comput. Security (1993) 12(4):405–418Crossref, Google Scholar
• Lunt T., Jagannathan R. A prototype real-time intrusion detection expert system. Proc. 1988 IEEE Sympos. Security Privacy (1988) Oakland, CA:59–66Crossref, Google Scholar
• Magalhaes R.Network Security Recommendations That Will Enhance Your Windows Network (2004) . WindowsSecurity.comGoogle Scholar
• McCarthy L.Intranet Security (1998) (Sun Microsystems Press, Santa Clara, CA) Google Scholar
• Monrose F., Rubin A. Authentication via keystroke dynamics. 4th ACM Conf. Comput. Comm. Security (1997) Zurich:48–56Crossref, Google Scholar
• Neumann P., Porras P. Experience with emerald to date. Proc. 1st USENIX Workshop Intrusion Detection Network Monitoring (1999) Santa Clara, CA:73–80Google Scholar
• Nizovtsev D., Thursby M. Economic analysis of incentives to disclose software vulnerabilities. (2005) Workshop on the Economics of Information SecurityBostonGoogle Scholar
• NMABConfiguration Management and Performance Verification of Explosives-Detection Systems (1998) (Publication NMAB-482-3, National Academy Press, Washington, DC) Google Scholar
• NSS Gigabit intrusion detection systems. (2004) . White paper, The NSS Group, Carlsbad, CAGoogle Scholar
• Ogut H., Cavusoglu H., Raghunathan S. Intrusion-detection policies for IT security breaches. INFORMS J. Comput. (2008) 20(1):112–123Link, Google Scholar
• Ogut H., Menon N., Raghunathan S. Cyber insurance and IT security investment: Impact of interdependent risk. (2005) Workshop on the Economics of Information SecurityBostonGoogle Scholar
• Ozment A. Bug auctions: Vulnerability markets reconsidered. (2004) Workshop on the Economics of Information SecurityMinneapolisGoogle Scholar
• Piessens F. A taxonomy of causes of software vulnerabilities in Internet software. 13th Internat. Sympos. Software Reliability Engrg. (2002) Annapolis, MD:47–52Google Scholar
• Porras P., Kemmerer R. Penetration state transition analysis: A rule-based intrusion detection approach. IEEE 8th Annual Comput. Security Appl. Conf. (1992) San Antonio, TX:220–229Crossref, Google Scholar
• Porras P., Neumann P. Emerald: Event monitoring enabling responses to anomalous live disturbances. Proc. 20th Nat. Inform. Systems Security Conf. (1997) Baltimore:353–365Google Scholar
• Schechter S. How to buy better testing: Using competition to get the most security and robustness for your dollar. Infrastructure Security Conf. (2002) Bristol, UK:73–87Crossref, Google Scholar
• Trees H. V.Detection, Estimation and Modulation Theory-Part I (2001) (John Wiley, New York) Google Scholar
• Ulvila J. W., Gaffney J. E. A decision analysis method for evaluating computer intrusion detection systems. INFORMS Decision Anal. (2004) 1(1):35–50Link, Google Scholar
• Whitman M., Mattord H.Principles of Information Security (2003) (Course Technology, Boston) Google Scholar
• Yue W. T., Bagchi A. Tuning the quality parameters of a firewall to maximize net benefit. (2003) (Springer, Berlin/Heidelberg) 321–329Lecture Notes in Comput. Sci., Distributed Computing—IWDC 2003Crossref, Google Scholar
• Zamboni D., Spafford E. New directions for the AAPHID architecture. Workshop Recent Adv. Intrusion Detection (1999) West Lafayette, INGoogle Scholar