Analysis of Computer Security Incident Data
Project Overview:
Organizations face increasing challenges in addressing and preventing computer and network security incidents. There are financial consequences from security incidents. These include lost time and resources used during recovery, possible theft of personal and/or proprietary information, and reputational damage that may negatively impact stock prices or reduce consumer confidence in a company. Being able to understand and predict trends in computer and network security incidents can aid an organization with resource allocation for prevention of such incidents, as well as evaluation of mitigation strategies.
One project examined a large set of security incident
data using tools from the software reliability community. We looked at applying
Non-Homogenous Poisson Process (NHPP) models as a method for describing the
reliability growth process. We examined the full set of incidents as well as
subsets of the data based on incident types. We looked at using the
A second project looked at using time series models with a large set of security incident data. We examined appropriateness of the data for modeling and consider needed transformations. Parameter search and model selection criteria were discussed. Then, forecasts from time series models were compared to forecasts from Non-Homogeneous Poisson Process (NHPP) software reliability growth (SRG) models.
Current Student: Ed Condon.
Publications:
Analysis of Computer Security Incident Data Using Time Series Models, E. Condon, Angela He, and M. Cukier, in Proc. 19th IEEE International Symposium on Software Reliability Engineering (ISSRE 2008), Seattle/Redmond, WA, November 11-14, 2008, pp. 77-86.
Applying Software Reliability Models on Security
Incidents, E. Condon, M. Cukier, and T. He, in Proc.
18th IEEE International Symposium on Software Reliability Engineering (ISSRE
2007),