Title :
Towards a Rapid-Alert System for Security Incidents
Author_Institution :
Inst. of Appl. Inf., Alpen-Adria Univ. Klagenfurt, Klagenfurt, Austria
Abstract :
Predicting security incidents and forecasting risk are two essential duties when designing an enterprise security system. Based on a quantitative risk assessment technique arising from an attacker-defender model, we propose a Bayesian learning strategy to continuously update the quality of protection and forecast the decision-theoretic risk. Evidence for or against the security of particular system components can be obtained from various sources, including security patches, software updates, and scientific or industrial research result notifications retrieved through RSS feeds. Using appropriate stochastic distribution models, we obtain closed-form expressions (formulas) for the times when to expect the next security incident and when a re-consideration of a security system or component becomes advisable.
Keywords :
business data processing; learning (artificial intelligence); risk management; security of data; stochastic processes; Bayesian learning strategy; attacker-defender model; enterprise security system; quantitative risk assessment technique; rapid-alert system; security incident; stochastic distribution models; Analytical models; Bayesian methods; Forecasting; Game theory; Games; Risk management; Security; Bayesian learning; Decision-theory; Risk forecasting; Risk-management; System security;
Conference_Title :
IT Security Incident Management and IT Forensics (IMF), 2011 Sixth International Conference on
Conference_Location :
Stuttgart
Print_ISBN :
978-1-4577-0146-7
DOI :
10.1109/IMF.2011.10