The economics of information security investment
- ACM Transactions on Information and System Security
Cited by 222 (4 self)
This article presents an economic model that determines the optimal amount to invest to protect a given set of information. The model takes into account the vulnerability of the information to a security breach and the potential loss should such a breach occur. It is shown that for a given potential loss, a firm should not necessarily focus its investments on information sets with the highest vulnerability. Since extremely vulnerable information sets may be inordinately expensive to protect, a firm may be better off concentrating its efforts on information sets with midrange vulnerabilities. The analysis further suggests that to maximize the expected benefit from investment to protect information, a firm should spend only a small fraction of the expected loss due to a security breach.
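A worked version of the model, as an added example (not code from the paper): it assumes a breach-probability function of the form S(z, v) = v^(alpha*z + 1), one of the functional forms such a model can use, with z the investment, v the vulnerability of the information set and L the potential loss, derives the closed-form optimum, and checks it against a brute-force search. The parameter values (L = 10,000, alpha = 0.01) are constructed.

```python
"""Optimal security investment under a Gordon-Loeb style model (added example)."""
import math

E_INV = 1 / math.e   # bound on z*/(v*L) used in the checks below


def breach_probability(z, v, alpha):
    """Probability of a breach after investing z in an information set of
    vulnerability v (0 < v < 1).  Assumed form: S(z, v) = v**(alpha*z + 1),
    so spending drives the probability down geometrically."""
    return v ** (alpha * z + 1)


def enbis(z, v, loss, alpha):
    """Expected net benefit of investing z: avoided expected loss minus cost."""
    return (v - breach_probability(z, v, alpha)) * loss - z


def optimal_investment(v, loss, alpha):
    """Closed-form maximiser of enbis() for the assumed S(z, v).

    d/dz enbis = 0 gives v**(alpha*z+1) = 1 / (alpha*loss*ln(1/v)); solve for z.
    enbis is concave in z, so if its slope at z=0 is not positive the best
    choice is to invest nothing."""
    ln_inv_v = math.log(1 / v)
    if alpha * loss * v * ln_inv_v <= 1:        # enbis'(0) <= 0
        return 0.0
    return (math.log(alpha * loss * ln_inv_v) / ln_inv_v - 1) / alpha


def numeric_optimum(v, loss, alpha, z_max, steps=100_000):
    """Brute-force check of optimal_investment() on a grid over [0, z_max]."""
    best_z, best_val = 0.0, enbis(0.0, v, loss, alpha)
    for k in range(1, steps + 1):
        z = z_max * k / steps
        val = enbis(z, v, loss, alpha)
        if val > best_val:
            best_z, best_val = z, val
    return best_z


def investment_profile(loss, alpha, vulnerabilities):
    """(v, z*, z*/(v*L)) for each vulnerability level; the last column is the
    optimal spend as a fraction of the expected loss v*L."""
    rows = []
    for v in vulnerabilities:
        z = optimal_investment(v, loss, alpha)
        rows.append((v, z, z / (v * loss)))
    return rows


if __name__ == "__main__":
    # Constructed parameters: potential loss 10,000 units, alpha = 0.01.
    for v, z, ratio in investment_profile(10_000, 0.01, [0.2, 0.5, 0.8, 0.95, 0.99, 0.999]):
        print(f"v={v:<6} z*={z:8.1f}  z*/(vL)={ratio:.3f}")
```

The run shows both points of the abstract for this S: the optimal spend rises with v, then drops to zero for the most vulnerable sets (at v = 0.99 and above with these parameters, because the first unit of spending buys too little reduction), and z*/(v*L) never exceeds 1/e, about 0.37, which matches the bound the paper derives for the fraction of expected loss worth spending.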
Password Hardening Based on Keystroke Dynamics
- International Journal of Information Security, 1999
Cited by 143 (8 self)
We present a novel approach to improving the security of passwords. In our approach, the legitimate user’s typing patterns (e.g., durations of keystrokes and latencies between keystrokes) are combined with the user’s password to generate a hardened password that is convincingly more secure than conventional passwords alone. In addition, our scheme automatically adapts to gradual changes in a user’s typing patterns while maintaining the same hardened password across multiple logins, for use in file encryption or other applications requiring a long-term secret key. Using empirical data and a prototype implementation of our scheme, we give evidence that our approach is viable in practice, in terms of ease of use, improved security, and performance.
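The mechanism, as an added example rather than the paper's implementation: the hardened secret is the constant term of a Shamir polynomial whose shares are kept in a two-column table, one row per keystroke feature, with a "fast" and a "slow" column. For features on which the user's login history is consistent, the column the user never selects is filled with random junk; for inconsistent features both columns hold valid shares, which is what lets the scheme tolerate day-to-day variation. Entries are masked with a password-derived pad so the table is useless without the password. The thresholds, feature timings, and the HMAC masking construction are assumptions made up for this example.

```python
"""Password hardening with keystroke-selected secret shares (added example)."""
import hashlib
import hmac
import secrets

P = 2 ** 127 - 1     # prime field for the Shamir shares


def _poly(coeffs, x):
    """Evaluate coeffs[0] + coeffs[1]*x + ... at x over GF(P) (Horner)."""
    y = 0
    for c in reversed(coeffs):
        y = (y * x + c) % P
    return y


def _interpolate_at_zero(points):
    """Lagrange interpolation through `points`, evaluated at x = 0."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def _mask(password, i, column):
    """Password-derived pad hiding one table entry (assumed construction)."""
    tag = hmac.new(password.encode(), f"{i}:{column}".encode(), hashlib.sha256).digest()
    return int.from_bytes(tag, "big") % P


def build_table(password, secret, thresholds, history, k=1.0):
    """Build the per-user share table from the login history.

    Feature i has two entries: column 0 ("fast", share at x=2i+1) and column 1
    ("slow", share at x=2i+2).  The feature is distinguishing when the user's
    mean +/- k*stddev lies entirely on one side of the threshold; then the
    column the user never picks is overwritten with random junk.  All m shares
    are needed to reconstruct, so one junk share ruins the result."""
    m = len(thresholds)
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(m - 1)]  # degree m-1
    table = []
    for i, t in enumerate(thresholds):
        samples = [row[i] for row in history]
        mu = sum(samples) / len(samples)
        sd = (sum((s - mu) ** 2 for s in samples) / len(samples)) ** 0.5
        fast, slow = _poly(coeffs, 2 * i + 1), _poly(coeffs, 2 * i + 2)
        if mu + k * sd < t:            # reliably fast: poison the slow column
            slow = secrets.randbelow(P)
        elif mu - k * sd > t:          # reliably slow: poison the fast column
            fast = secrets.randbelow(P)
        table.append(((fast + _mask(password, i, 0)) % P,
                      (slow + _mask(password, i, 1)) % P))
    return table


def recover_secret(password, features, thresholds, table):
    """Choose one column per feature from the typed timings and reconstruct."""
    points = []
    for i, (t, (fast, slow)) in enumerate(zip(thresholds, table)):
        if features[i] < t:
            points.append((2 * i + 1, (fast - _mask(password, i, 0)) % P))
        else:
            points.append((2 * i + 2, (slow - _mask(password, i, 1)) % P))
    return _interpolate_at_zero(points)


def hardened_password(password, secret):
    """Long-term key; identical across logins as long as the same secret is recovered."""
    return hashlib.sha256(password.encode() + secret.to_bytes(16, "big")).hexdigest()


# Constructed sample data: five keystroke features in ms, thresholds at 100 ms.
THRESHOLDS = [100, 100, 100, 100, 100]
HISTORY = [                               # the legitimate user's last four logins
    [60, 95, 70, 110, 150],
    [65, 105, 75, 90, 160],
    [55, 98, 68, 104, 140],
    [62, 102, 72, 96, 155],
]
LEGIT_LOGIN = [58, 108, 74, 92, 158]       # same habits, noisy on features 1 and 3
IMPOSTOR_LOGIN = [130, 95, 70, 110, 150]   # knows the password, slow on feature 0

if __name__ == "__main__":
    secret = secrets.randbelow(P)
    table = build_table("correct horse", secret, THRESHOLDS, HISTORY)
    for name, feats in (("legit", LEGIT_LOGIN), ("impostor", IMPOSTOR_LOGIN)):
        ok = recover_secret("correct horse", feats, THRESHOLDS, table) == secret
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

In this data features 0 and 2 are reliably fast and feature 4 reliably slow, so an impostor who types the correct password but is slow on feature 0 picks a junk share and reconstructs garbage, while the legitimate user's varying timings on features 1 and 3 do not matter. To adapt to drifting habits, append each successful login's timings to the history and rebuild the table with a fresh polynomial around the same secret; the hardened password is unchanged because the secret is.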
How Much Is Enough? A Risk-Management Approach to Computer Security
Cited by 64 (0 self)
How much security is enough? No one today can satisfactorily answer this question for computer-related risks. The first generation of computer security risk modelers struggled with issues arising out of their binary view of security, ensnaring them in an endless web of assessment, disagreement, and gridlock. Even as professional risk managers wrest responsibility away from the first-generation technologists, they are still unable to answer the question with sufficient quantitative rigor. Their efforts are handicapped by a reliance on non-quantitative methodologies originally developed to address the deployment and organizational acceptance issues that plagued first-generation tools.
NCryptfs: A secure and convenient cryptographic file system
- In Proceedings of the Annual USENIX Technical Conference, 2003
Cited by 54 (20 self)
Securing data is more important than ever. As the Internet has become more pervasive, security attacks have
Computer Virus Propagation Models
- In Tutorials of the 11th IEEE/ACM International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunications Systems (MASCOTS’03), 2003
Cited by 29 (2 self)
The availability of reliable models of computer virus propagation would prove useful in a number of ways, in order both to predict future threats, and to develop new containment measures. In this paper, we review the most popular models of virus propagation, analyzing the underlying assumptions of each of them, their strengths and their weaknesses. We also introduce a new model, which extends the Random Constant Spread modeling technique, allowing us to draw some conclusions about the behavior of the Internet infrastructure in presence of a self-replicating worm. A comparison of the results of the model with the actual behavior of the infrastructure during recent worm outbreaks is also presented.
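The Random Constant Spread model the abstract extends is the logistic curve da/dt = K·a·(1 − a) for the infected fraction a, where K is each host's scan rate times the probability that a random probe lands on a vulnerable host. The code below is an added example, not the paper's model: it simulates the underlying scan process, compares it with the closed form, estimates K from (time, fraction) observations the way one would from telemetry, and shows how throttling the scan rate stretches an outbreak. All numbers are constructed.

```python
"""Random Constant Spread (RCS) worm model: closed form, simulation, K estimate."""
import math


def rcs_fraction(t, k, t_half):
    """Closed form a(t) = e^{K(t-T)} / (1 + e^{K(t-T)}), T = time of 50% infection."""
    return 1.0 / (1.0 + math.exp(-k * (t - t_half)))


def analytic_half_time(vulnerable, k, initial_infected=1):
    """Time for the closed form to reach 50% from I0 hosts: T = ln((V-I0)/I0)/K."""
    return math.log((vulnerable - initial_infected) / initial_infected) / k


def simulate(vulnerable, addr_space, scan_rate, initial_infected, t_end, dt=0.001):
    """Euler integration of the scan-and-hit process behind RCS.

    Each infected host probes `scan_rate` random addresses per hour; a probe
    infects a new host with probability (V - I)/A, so
    dI/dt = scan_rate * I * (V - I) / A, i.e. K = scan_rate * V / A.
    Returns a list of (t, infected_hosts)."""
    infected = float(initial_infected)
    series = [(0.0, infected)]
    for s in range(1, int(round(t_end / dt)) + 1):
        new = scan_rate * infected * (vulnerable - infected) / addr_space * dt
        infected = min(float(vulnerable), infected + new)
        series.append((s * dt, infected))
    return series


def time_to_fraction(series, vulnerable, fraction):
    """First time at which the infected fraction reaches `fraction`, else None."""
    for t, infected in series:
        if infected / vulnerable >= fraction:
            return t
    return None


def fit_k(observations):
    """Least-squares slope of logit(a) against t.  In RCS logit(a) = K*(t - T),
    so the slope is K.  `observations` are (t, fraction) pairs with 0 < a < 1."""
    pts = [(t, math.log(a / (1 - a))) for t, a in observations]
    n = len(pts)
    mean_t = sum(t for t, _ in pts) / n
    mean_y = sum(y for _, y in pts) / n
    sxy = sum((t - mean_t) * (y - mean_y) for t, y in pts)
    sxx = sum((t - mean_t) ** 2 for t, _ in pts)
    return sxy / sxx


if __name__ == "__main__":
    # Constructed scenario: 360,000 vulnerable hosts in a 2^32 address space,
    # one host infected at t=0, scan rate chosen so K = R*V/A is about 1.8/h.
    V, A, R = 360_000, 2 ** 32, 21_475
    K = R * V / A
    sim = simulate(V, A, R, 1, 12.0)
    half = time_to_fraction(sim, V, 0.5)
    print(f"K = {K:.3f}/h; 50% infected after {half:.2f} h "
          f"(closed form {analytic_half_time(V, K):.2f} h)")
    # Containment: rate-limiting every host to a tenth of the scan rate divides K by ten.
    slow = simulate(V, A, R / 10, 1, 120.0)
    print(f"with scan throttling: {time_to_fraction(slow, V, 0.5):.1f} h")
    # Estimating K from observed infection fractions, as one would from telemetry.
    obs = [(t, i / V) for t, i in sim if 0.05 < i / V < 0.95][::500]
    print(f"K fitted from observations: {fit_k(obs):.3f}/h")
```

Because K enters the curve only as a slope on the logit scale, a short run of observations during the growth phase is enough to estimate it and hence to predict the time to saturation, and any containment measure that reduces the effective scan rate shows up as a proportional stretch of that timeline.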
The Effect of Identifying Vulnerabilities and Patching Software on the Utility of Network Intrusion Detection
- 2002
Cited by 22 (1 self)
Vulnerability scanning and installing software patches for known vulnerabilities greatly affects the utility of network-based intrusion detection systems that use signatures to detect system compromises. A detailed timeline analysis of important remote-to-local vulnerabilities demonstrates (1) Vulnerabilities in widely-used server software are discovered infrequently (at most 6 times a year) and (2) Software patches to prevent vulnerabilities from being exploited are available before or simultaneously with signatures. Signature-based intrusion detection systems will thus never detect successful system compromises on small secure sites when patches are installed as soon as they are available.
Using embedded sensors for detecting network attacks
- 2000
Cited by 11 (2 self)
Embedded sensors for intrusion detection consist of code added to the operating system and the programs of the hosts where monitoring will take place. The sensors check for specific conditions that indicate an attack is taking place, or an intrusion has occurred. Embedded sensors have advantages over other data collection techniques (usually implemented as separate processes) in terms of reduced host impact, resistance to attack, efficiency and effectiveness of detection. We describe the use of embedded sensors in general, and their application to the detection of specific network-based attacks. The sensors were implemented in the OpenBSD operating system, and our tests show a 100% success rate in the detection of the attacks for which sensors were instrumented. We discuss the sensors implemented and the results obtained, as well as current and future work in the area.
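An added illustration of the design (not the paper's OpenBSD sensors, and in Python rather than kernel C): sensors are small checks that sit inline in the packet-handling code path and share its state, rather than a separate sniffer process that re-parses traffic. The three conditions checked here (source equal to destination, a fragment that would reassemble past 65535 bytes, overlapping fragments) are assumed examples of "specific conditions that indicate an attack"; the packets are constructed with a helper.

```python
"""Embedded sensors in a packet-handling path (added example, not the paper's code)."""
import struct
from collections import defaultdict

MAX_DATAGRAM = 65535


def parse_ipv4(raw):
    """Pull the fields the sensors need out of a raw IPv4 header (no options)."""
    (ver_ihl, _tos, total_len, ident, flags_frag,
     _ttl, _proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", raw[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    return {
        "src": src, "dst": dst, "ident": ident, "total_len": total_len,
        "more_frags": bool(flags_frag & 0x2000),
        "offset": (flags_frag & 0x1FFF) * 8,
        "actual_len": len(raw),
    }


# A sensor is a check placed inline in the receive path.  It sees the parsed
# header plus shared state and returns a message when its condition holds.
def sensor_land(h, state):
    if h["src"] == h["dst"]:
        return "source address equals destination address"
    return None


def sensor_oversize(h, state):
    payload = h["total_len"] - 20
    if h["total_len"] != h["actual_len"]:
        return f"length field {h['total_len']} != bytes on wire {h['actual_len']}"
    if h["offset"] + payload > MAX_DATAGRAM:
        return f"fragment would reassemble to {h['offset'] + payload} bytes"
    return None


def sensor_overlap(h, state):
    if not h["more_frags"] and h["offset"] == 0:
        return None                                  # not a fragment
    key = (h["src"], h["dst"], h["ident"])
    start, end = h["offset"], h["offset"] + h["total_len"] - 20
    seen = state["frags"][key]
    hit = any(start < e and s < end for s, e in seen)
    seen.append((start, end))
    if hit:
        return f"fragment [{start},{end}) overlaps an earlier fragment of datagram {h['ident']}"
    return None


SENSORS = [sensor_land, sensor_oversize, sensor_overlap]


def inspect(packets):
    """Run the embedded sensors over a packet stream; return (index, sensor, detail)."""
    state = {"frags": defaultdict(list)}
    alerts = []
    for idx, raw in enumerate(packets):
        h = parse_ipv4(raw)
        for sensor in SENSORS:
            msg = sensor(h, state)
            if msg:
                alerts.append((idx, sensor.__name__, msg))
    return alerts


def make_packet(src, dst, ident, more_frags, offset, payload_len):
    """Constructed test packet: IPv4 header (ICMP, no checksum) plus a zero payload."""
    flags_frag = (0x2000 if more_frags else 0) | (offset // 8)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ident, flags_frag,
                      64, 1, 0, bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return hdr + bytes(payload_len)


SAMPLE_STREAM = [                                                # constructed
    make_packet("10.0.0.5", "10.0.0.9", 1, False, 0, 64),        # benign
    make_packet("10.0.0.9", "10.0.0.9", 2, False, 0, 64),        # src == dst
    make_packet("10.0.0.5", "10.0.0.9", 3, False, 65528, 40),    # reassembles past 65535
    make_packet("10.0.0.5", "10.0.0.9", 4, True, 0, 100),        # first fragment
    make_packet("10.0.0.5", "10.0.0.9", 4, False, 24, 100),      # overlaps the first
]

if __name__ == "__main__":
    for idx, name, detail in inspect(SAMPLE_STREAM):
        print(f"packet {idx}: {name}: {detail}")
```

Because each check runs at the point where the host already has the parsed header and the reassembly state, there is no second copy of the traffic to capture, no separate process to starve or kill, and the condition is evaluated exactly once per packet.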
Detection and Control of DDOS Attacks over Reputation and Score Based MANET
Cited by 6 (1 self)
MANETs are spreading quickly because of their ability to form rapidly changing network topologies without the aid of any established infrastructure or centralized administration. The security challenges in MANETs have become a primary concern in providing secure communication. Attacks on a MANET disrupt network performance and reliability. Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks are a rapidly growing problem; the multitude and variety of both the attacks and the defense approaches is overwhelming. These attacks lead to the degradation or prevention of legitimate use of network resources. There is a need for an incentive- or credit-based mechanism that provides cooperation among nodes in the network and improves overall network performance and functionality through prevention, detection and control of DoS and DDoS attacks. Therefore, in this paper we propose a detection and control mechanism for DDoS attacks over a reputation- and score-based MANET, together with a clustering technique that uses the reputation and score values of nodes.
Attitude toward ethical behavior in computer use: a shifting model
- Industrial Management and Data Systems, 2005
Cited by 4 (0 self)
Purpose – In this study the researchers attempt to identify factors that could influence an individual’s attitude toward ethical behavior in the information systems (IS) environment and compare them to the findings of an earlier study to determine any changes. Design/methodology/approach – A sample of university students is used to assess environmental influences (societal, belief system, personal, professional, legal, and business), moral obligation, consequences of the action, and gender, in order to determine what influences an individual’s attitude toward a behavior. Discriminant analysis is used to assess the factor influences. Findings – The findings indicate that many factors influence attitude toward ethical decisions and are dependent upon the type of ethical issue involved. Moreover, based on two time periods, the ethical attitude influencers have shifted over time. The gender findings indicate that attitude influencers are also dependent on the sex of the individual. Originality/value – The findings show that attitude influencers have shifted over time (since an earlier study), which means that organizations must periodically reassess their employees’ ethical climate and adjust their ethics programs as attitude influencers change. The findings also show that training programs need to focus on the different influencers for males and females.
Automated Checking of SAP Security Permissions
- Lausanne, Switzerland, 2003
Cited by 3 (1 self)
Configuring user security permissions in standard business applications (such as SAP systems) is difficult and error-prone. There are many examples of wrongly configured systems that are open to misuse by unauthorised parties. To check permission files of a realistic size in a medium to large organisation manually -- a typical number would be 60,000 entries -- can be a daunting task which is often neglected. We present research on construction of a tool which automatically checks the SAP configuration for security policy rules (such as separation of duty). The tool uses advanced methods of automated software engineering: The permissions are given as input in an XML format through an interface from the SAP system, the rules are formulated as UML specifications in a standard UML CASE tool and output as XMI, and our tool checks the permissions against the rules using an analyser written in Prolog. Because of its modular architecture and its standardised interfaces, the tool can be easily adapted to check security constraints in other kinds of application software (such as firewall or other access control configurations).
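A minimal stand-in for the checker, added here and not the tool from the paper: a constructed XML export of roles, users and transaction codes is expanded into one permission set per user and checked against separation-of-duty rules written as sets of transactions that nobody may hold together. The element names and the transaction codes (FK01, FB60 and F110 standing for vendor maintenance, invoice entry and the payment run) are assumptions for illustration; the paper's rules are UML exported as XMI and its analyser is written in Prolog, neither of which is reproduced.

```python
"""Separation-of-duty check over an SAP-style permission export (added example)."""
import xml.etree.ElementTree as ET

# Constructed export.  Element names and codes are assumptions, not a real interface.
PERMISSIONS_XML = """
<permissions>
  <role name="AP_CLERK"><tcode>FB60</tcode><tcode>FK01</tcode></role>
  <role name="PAYMENT_RUN"><tcode>F110</tcode></role>
  <role name="AUDITOR"><tcode>S_ALR_87012357</tcode></role>
  <user id="alice"><role>AP_CLERK</role></user>
  <user id="bob"><role>AP_CLERK</role><role>PAYMENT_RUN</role></user>
  <user id="carol"><role>AUDITOR</role><tcode>F110</tcode></user>
</permissions>
"""

# Separation-of-duty rules: transactions one person must not be able to run together.
SOD_RULES = [
    ("vendor maintenance vs. payment run", {"FK01", "F110"}),
    ("invoice entry vs. payment run", {"FB60", "F110"}),
]


def load_permissions(xml_text):
    """Return {user: set(tcodes)}, expanding roles and keeping direct grants.

    A user referencing a role that the export does not define is an error in
    the export itself and is reported rather than silently skipped."""
    root = ET.fromstring(xml_text)
    role_tcodes = {r.get("name"): {t.text for t in r.findall("tcode")}
                   for r in root.findall("role")}
    users = {}
    for u in root.findall("user"):
        tcodes = {t.text for t in u.findall("tcode")}
        for r in u.findall("role"):
            if r.text not in role_tcodes:
                raise ValueError(f"user {u.get('id')} references unknown role {r.text}")
            tcodes |= role_tcodes[r.text]
        users[u.get("id")] = tcodes
    return users


def check_sod(users, rules):
    """[(user, rule name, offending tcodes)] for every rule a user violates.

    One pass over the users and one subset test per rule, so an export with
    tens of thousands of entries is checked in linear time."""
    violations = []
    for user, tcodes in sorted(users.items()):
        for name, conflict in rules:
            if conflict <= tcodes:
                violations.append((user, name, sorted(conflict)))
    return violations


if __name__ == "__main__":
    for user, rule, codes in check_sod(load_permissions(PERMISSIONS_XML), SOD_RULES):
        print(f"{user}: violates '{rule}' via {codes}")
```

In the sample data bob inherits invoice entry and vendor maintenance from AP_CLERK and the payment run from PAYMENT_RUN, so both rules fire for him, while carol's direct F110 grant is harmless on its own. Swapping the rule list for a different policy, or the loader for a firewall or other access-control export, leaves check_sod unchanged, which is the modularity the abstract describes.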