Help
Cart
Skip main navigation

Available Issues

April 10, 2013 - April 2, 2026

Available Issues

April 10, 2013 - April 2, 2026

When Being Hot Is Not Cool: Monitoring Hot Lists for Information Security

Published Online:29 Nov 2016https://doi.org/10.1287/isre.2016.0677

References

  • August T, Tunca TI (2011) Who should be responsible for software security? A comparative analysis of liability policies in network environments. Management Sci. 57(5):934–959.LinkGoogle Scholar
  • August T, Niculescu MF, Shin H (2014) Cloud implications on software network structure and security risks. Inform. Systems Res. 25(3):499–510.LinkGoogle Scholar
  • Axelsson S (2000) Intrusion detection systems: A taxonomy and survey. Technical Report 99–15 Department of Computer Engineering, Chalmers University of Technology, Gothenburg, Sweden.Google Scholar
  • Baayer J, Regragui B, Baayer A (2014) False positive responses optimization for intrusion detection system. J. Inform. Security 5(2):19–36.CrossrefGoogle Scholar
  • Bai X, Gopal R, Nunez M, Zhdanov D (2014) A decision methodology for managing operational efficiency and information disclosure risk in healthcare processes. Decision Support Systems 57(1):406–416.CrossrefGoogle Scholar
  • Bejtlich R (2004) The Tao of Network Security Monitoring: Beyond Intrusion Detection (Addison-Wesley Professional, Boston).Google Scholar
  • Brown JD (2012) To outsource or not outsource: That is the network security question. StillSecure White Paper. http://www.hostway.com/managed-security/media/StillSecure%20Insource_vs_Outsource_whitepaper.pdf.Google Scholar
  • Bucklin R, Sismeiro C (2003) A model of Web site browsing behavior estimated on clickstream data. J. Marketing Res. 40(3):249–267.CrossrefGoogle Scholar
  • Cavusoglu H, Cavusoglu H, Raghunathan S (2004a) Economics of IT security management: Four improvements to current security practices. Comm. Assoc. Inform. Systems 14(3):65–75.Google Scholar
  • Cavusoglu H, Koh B, Raghunathan S (2010) An analysis of the impact of passenger profiling for transportation security. Oper. Res. 158(5):1287–1302.LinkGoogle Scholar
  • Cavusoglu H, Mishra B, Raghunathan S (2004b) A model for evaluating IT security investments. Comm. ACM 47(7):87–92.CrossrefGoogle Scholar
  • Cavusoglu H, Mishra B, Raghunathan S (2005) The value of intrusion detection systems in information technology security architecture. Inform. Systems Res. 16(1):28–46.LinkGoogle Scholar
  • Cavusoglu H, Raghunathan S, Cavusoglu H (2009) Configuration of and interaction between information security technologies: The case of firewalls and intrusion detection systems. Inform. Systems Res. 20(2):198–217.LinkGoogle Scholar
  • Cavusoglu H, Raghunathan S, Yue WT (2008) Decision-theoretic and game-theoretic approaches to IT security investment. J. Management Inform. Systems 25(2):281–304.CrossrefGoogle Scholar
  • Cezar A, Cavusoglu H, Raghunathan S (2014) Outsourcing information security: Contracting issues and security implications. Management Sci. 60(3):638–657.LinkGoogle Scholar
  • Cisco (2015) Cisco security monitoring, analysis, and response system 4.3.1 and 5.3.1. http://goo.gl/7xfIVO.Google Scholar
  • Datta A, Dutta K, Thomas H, VanderMeet D (2003) World wide wait: A study of Internet scalability and cache-based approaches to alleviate it. Management Sci. 49(10):1425–1444.LinkGoogle Scholar
  • Dell (2015) Going the MSSP route. http://www.secureworks.com/assets/pdf-store/articles/going_the_mssp_route_-_tco_issues.pdf.Google Scholar
  • Ding W, Yurcik W (2005) Outsourcing Internet security: The effect of transaction costs on managed service providers. Gavish B, ed. Internat. Conf. Telecomm. Systems, Modeling, Anal. (Institute for Information Infrastructure Protection, Washington, DC),947–958.Google Scholar
  • Ding W, Yurcik W (2006) Economics of Internet security outsourcing: Simulation results based on the Schneier model. Workshop Econom. Securing Inform. Infrastructure (WESII) (American Telecommunications Systems Management Association, Dallas), 23–23.Google Scholar
  • F5 Networks (2013) Configuration guide for BIG-IP application security manager. Seattle, https://goo.gl/L9s7HZ.Google Scholar
  • F5 Networks (2015) BIG-IP application security manager online manual. Seattle, https://support.f5.com/kb/en-us/products/big-ip_asm.html.Google Scholar
  • Fang X, Sheng LOR, Gao W, Iyer B (2006) A data-mining-based prefetching approach to caching for network storage systems. INFORMS J. Comput. 18(2):267–282.LinkGoogle Scholar
  • Fisher W, Meier-Hellstern K (1993) The Markov-modulated Poisson process (MMPP) cookbook. Performance Evaluation 18(2):149–171.CrossrefGoogle Scholar
  • Fitzparick V (2008) Intrusion detection and prevention in-sourced or out-sourced. SANS Inst. InfoSec Reading Room, http://www.sans.org/reading-room/whitepapers/intrusion/intrusion-detection-prevention-in-sourced-out-sourced-32854.Google Scholar
  • Garfinkel R, Gopal R, Thompson S (2007) Releasing individually identifiable microdata with privacy protection against stochastic threat: An application to health information. Inform. Systems Res. 18(1):23–41.LinkGoogle Scholar
  • Gartner (2014) Gartner says worldwide information security spending will grow almost 8 percent in 2014 as organizations become more threat-aware. http://www.gartner.com/newsroom/id/2828722.Google Scholar
  • Goodall JR, Lutters WG, Komlodi A (2004) I know my network: Collaboration and expertise in intrusion detection. Herbsleb J, Olson G, eds. Proc. 2004 ACM Conf. Comput. Supported Cooperative Work (ACM, New York), 342–345.CrossrefGoogle Scholar
  • Goodall JR, Lutters WG, Komlodi A (2009) Developing expertise for network intrusion detection. Inform. Tech. People 22(2):92–108.CrossrefGoogle Scholar
  • Gupta A, Zhdanov D (2012) Growth and sustainability of managed security services networks: An economic perspective. MIS Quart. 36(4):1109–1130.CrossrefGoogle Scholar
  • Heindl A (2003) Decomposition of general queueing networks with MMPP inputs and customer losses. Performance Evaluation 51(2–4):117–136.CrossrefGoogle Scholar
  • Hewlett-Packard (2013) Security operations—Building a successful SOC. http://www8.hp.com/h20195/V2/GetPDF.aspx/4AA4-6169ENW.pdf.Google Scholar
  • Himberger KD, Jeffries CD, McMillen DM, Ziraldo JA (2006) System, method, and program product for managing an intrusion detection system. US Patent US7084760 B2.Google Scholar
  • Hosanagar K, Tan Y (2011) Cooperative cashing? An economic analysis of document duplication in cooperative Web caching. Inform. Systems Res. 23(2):356–375.LinkGoogle Scholar
  • Hui KL, Hui W, Yue WT (2012) Information security outsourcing with system interdependency and mandatory security requirement. J. Management Inform. Systems 29(3):117–156.CrossrefGoogle Scholar
  • IBM (2015) IBM managed security services for security event and log management. http://www-935.ibm.com/services/us/igs/pdf-iss-contracts/ireland-7808-00.pdf.Google Scholar
  • Jonsson E, Olovsson T (1997) A quantitative model of the security intrusion process based on attacker behavior. IEEE Trans. Software Engrg. 23(4):235–245.CrossrefGoogle Scholar
  • Kaplan J (2003) Outsourcing trends—A matter of perspective? Bus. Comm. Rev. 33(8):46–50.Google Scholar
  • Kavanagh K, Pescatore J (2009) Magic quadrant for MSSPs, North America. Gartner RAS Core Res. Note G00166138. http://www.tatacommunications.com/downloads/enterprise/Tata_Communications_3053.pdf.Google Scholar
  • Kaya C, Zhang G, Tan Y, Mookerjee V (2009) An admission-control technique for delay reduction in proxy caching. Decision Support Systems 46(2):594–603.CrossrefGoogle Scholar
  • Kelly T, Reeves R (2001) Optimal Web cache sizing: Scalable methods for exact solutions. Comput. Comm. 24(2):163–173.CrossrefGoogle Scholar
  • Kerr D (2013) Bots now running the Internet with 61 percent of Web traffic. CNET (December 12). http://www.cnet.com/news/bots-now-running-the-internet-with-61-percent-of-web-traffic/.Google Scholar
  • Kim E (2015) Companies are freaked out about cybersecurity and plan to spend a lot more on it this year. Bus. Insider (January 6) https://goo.gl/XOMTKz.Google Scholar
  • Kubota M (2005) Intrusion detection and prevention system. US Patent US7757285 B2.Google Scholar
  • Kumar S, Spafford E (1996) A pattern matching model for misuse intrusion detection. Working paper, Purdue University, West Lafayette, IN.Google Scholar
  • Lacity MC, Khan SA, Willcocks LP (2009) A review of the IT outsourcing literature: Insights for practice. J. Strategic Inform. Systems 18(3):130–146.CrossrefGoogle Scholar
  • Law A (2014) Simulation Modeling and Analysis, 3rd ed. (McGraw-Hill, Boston).Google Scholar
  • Lord N (2015) How to hire and evaluate managed security service providers (MSSPs). Digital Guardian, https://goo.gl/UWYdS2.Google Scholar
  • McLay L, Jacobson S, Kobza J (2006) A multilevel passenger screening problem for aviation security. Naval Res. Logist. 53(3):183–197.CrossrefGoogle Scholar
  • McLay L, Jacobson S, Kobza J (2008) The trade-off between technology and prescreening intelligence in checked baggage screening for aviation security. J. Transportation Security 1(2):107–126.CrossrefGoogle Scholar
  • Mitchell R, Chen I (2014) A survey of intrusion detection techniques for cyber-physical systems. ACM Comput. Surveys 46(4):Article 55.CrossrefGoogle Scholar
  • Moitra S, Konda S (2000) A simulation model for managing survivability of networked information systems. Technical Report, Carnegie Mellon Software Engineering Institute, Carnegie Mellon University, Pittsburgh.Google Scholar
  • Monrose F, Rubin A (1997) Authentication via keystroke dynamics. 4th ACM Conf. Comput. Comm. Security (ACM, New York),48–56.CrossrefGoogle Scholar
  • Mookerjee V, Tan Y (2002) Analysis of a least recently used cache management policy for Web browsers. Oper. Res. 50(2):345–357.LinkGoogle Scholar
  • Neumann P, Porras P (1999) Experience with Emerald to date. Ranum M, ed. Proc. 1st USENIX Workshop Intrusion Detection Network Monitoring (USENIX, Berkeley, CA), 73–80.Google Scholar
  • Ogut H, Cavusoglu H, Raghunathan S (2008) Intrusion-detection policies for IT security breaches. INFORMS J. Comput. 20(1):112–123.LinkGoogle Scholar
  • Peng T, Leckie C, Ramamohanarao K (2007) Survey of network-based defense mechanisms countering the DoS and DDoS problems. ACM Comput. Surveys 39(1):Article 3.CrossrefGoogle Scholar
  • Pietro RD, Mancini LV (2008) Intrusion Detection Systems (Springer, New York).Google Scholar
  • Podlipnig S, Bszrmenyi L (2003) A survey of Web cache replacement strategies. ACM Comput. Surveys 35(4):374–398.CrossrefGoogle Scholar
  • Ransbotham S, Mitra S (2009) Choice and chance: A conceptual model of paths to information security compromise. Inform. Systems Res. 20(1):121–139.LinkGoogle Scholar
  • Sandhu UA, Haider S, Naseer S, Ateeb OU (2011) A survey of intrusion detection and prevention techniques. Internat. Conf. Inform. Comm. Management (IACSIT Press, Singapore), 66–71.Google Scholar
  • Santor MSS (2015) NetworkSentry: Efficient network surveillance from Sentor. https://www.sentormss.com/managed-security-services/networksentry-network-surveillance/.Google Scholar
  • Scarfone K, Mell P (2007) Guide to intrusion detection and prevention systems (IDPS). Technical Report, National Institute of Standards and Technology, Gaithersburg, MD.Google Scholar
  • Schneier B (2002) The case for outsourcing security. IEEE Comput. 35(4):20–26.CrossrefGoogle Scholar
  • Schneier B (2007) Managed security monitoring: Network security for the 21st century. Report, British Telecommunications, London. http://www2.computable.nl/downloads/Counterpane_WP5.pdf.Google Scholar
  • Smith B (2015) Thinking about security monitoring and event correlation. http://www.secureworks.com/resources/articles/other_articles/correlation/.Google Scholar
  • Sommestad T, Hunstad A (2013) Intrusion detection and the role of the system administrator. Inform. Management Comput. Security 21(1):30–40.CrossrefGoogle Scholar
  • Statista (2015) Monthly unique visitors to U.S. retail websites in 3rd quarter 2014. http://www.statista.com/statistics/271450/monthly-unique-visitors-to-us-retail-websites/.Google Scholar
  • The White House (2015) Remarks by the President at the cybersecurity and consumer protection summit. http://www.whitehouse.gov/the-press-office/2015/02/13/remarks-president-cybersecurity-and-consumer-protection-summit.Google Scholar
  • Ulvila JW, Gaffney JE (2004) A decision analysis method for evaluating computer intrusion detection systems. Decision Anal. 1(1):35–50.LinkGoogle Scholar
  • Verizon (2012) Managed security services—Premises premium+. https://goo.gl/H1CXdl.Google Scholar
  • Virta J, Jacobson S, Kobza J (2003) Analyzing the cost of screening selectee and non-selectee baggage. Risk Anal. 23(5):897–908.CrossrefGoogle Scholar
  • Werlinger R, Hawkey K, Muldner K (2008) The challenges of using an intrusion detection system: Is it worth the effort? Proc. 4th Sympos. Usable Privacy Security (ACM, New York), 107–118.CrossrefGoogle Scholar
  • Werlinger R, Muldner K, Hawkey K, Beznosov K (2009) Towards understanding diagnostic work during the detection and investigation of security incidents. Furnell S, Clarke N, eds. Proc. Third Internat. Sympos. Human Aspects Inform. Security Assurance (University of Plymouth, Plymouth, UK), 119–134.Google Scholar
  • Werlinger R, Muldner K, Hawkey K, Beznosov K (2010) Preparation, detection, and analysis: The diagnostic work of IT security incident response. Inform. Management Comput. Security 18(1):26–42.CrossrefGoogle Scholar
  • Whang S (1992) Contracting for software development. Management Sci. 38(3):307–324.LinkGoogle Scholar
  • Zamboni D, Spafford E (1999) New directions for the AAPHID architecture. Spafford G, ed. Workshop Recent Adv. Intrusion Detection (Purdue University, West Lafayette, IN).Google Scholar
  • Zhao X, Whinston A (2013) Managing interdependent information security risks: Cyberinsurance, managed security services, and risk pooling arrangements. J. Management Inform. Systems 30(1):123–152.CrossrefGoogle Scholar
  • Zwillinger D (2011) CRC Standard Mathematical Tables and Formulae, 32nd ed. (CRC Press, Boca Raton, FL).CrossrefGoogle Scholar
Previous
Back to Top
Next
INFORMS site uses cookies to store information on your computer. Some are essential to make our site work; Others help us improve the user experience. By using this site, you consent to the placement of these cookies. Please read our Privacy Statement to learn more.
Agree