Name
Abstract | ||
|---|---|---|
Finding relevant metrics in information security is an important but difficult problem. In this paper, we propose to empirically investigate the relevance of different security metrics that could be derived from intrusion prevention system (IPS) alert events and computer security incident data. Based on the data provided by the University of Maryland, we show that IPS metrics are linked to security incidents, and also that different types of security incidents have different significant metrics. These results can be used for identifying possible candidates for security incident indicators, developing methods to improve incident prevention and helping organizations interpret their IPS's better in the future. |
Year | DOI | Venue |
|---|---|---|
2013 | 10.1145/2459976.2460002 | CSIIRW |
Keywords | Field | DocType |
computer security incident data,security incident indicator,different security metrics,incident prevention,different significant metrics,different type,information security metrics,security incident,relevant metrics,ips metrics,empirical study,information security,intrusion prevention systems | Data mining,Computer security,Computer science,Information security,Intrusion prevention system,Information security management,Security information and event management,Information security audit,Threat,Empirical research | Conference |
Citations | PageRank | References |
3 | 0.39 | 6 |
Authors | ||
4 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Rodrigo Sanches Miani | 1 | 77 | 11.20 |
| Michel Cukier | 2 | 668 | 54.60 |
| Bruno Bogaz Zarpelão | 3 | 98 | 10.59 |
| Leonardo de Souza Mendes | 4 | 53 | 11.44 |