Collection of Quantitative Data on Security Incidents

A
ARES
2007
The Second International Conference on Availability, Reliability and Security (ARES'07)
Abstract - Collection of Quantitative Data on Security Incidents

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Thomas Nowey Articles by Hannes Federrath

The Second International Conference on Availability, Reliability and Security (ARES'07)

Vienna, Austria

April 10-April 13

ISBN: 0-7695-2775-2

	ASCII Text	x
	Thomas Nowey, Hannes Federrath, "Collection of Quantitative Data on Security Incidents," Availability, Reliability and Security, International Conference on, pp. 325-334, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007.

	BibTex	x
	@article{ 10.1109/ARES.2007.57, author = {Thomas Nowey and Hannes Federrath}, title = {Collection of Quantitative Data on Security Incidents}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2007}, isbn = {0-7695-2775-2}, pages = {325-334}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2007.57}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - Collection of Quantitative Data on Security Incidents SN - 0-7695-2775-2 SP325 EP334 A1 - Thomas Nowey, A1 - Hannes Federrath, PY - 2007 KW - null VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

Thomas Nowey, University of Regensburg Germany

Hannes Federrath, University of Regensburg Germany

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2007.57

Quantitative data about security threats is a precondition for a precise assessment of security risks and consequently for an efficient management of information security. Currently such data is hardly available, especially for small and medium-sized organizations. In this paper we discuss different ways of gathering quantitative data and present a new approach for the collection of historical data on security incidents. We propose a platform that collects, aggregates and evaluates data on security incidents from multiple organizations. We identify basic requirements for such a platform and show approaches for satisfying them. We especially emphasize the aspects of security and fairness. Finally we introduce a prototype that shows how an implementation could look like.

Citation:

Thomas Nowey, Hannes Federrath, "Collection of Quantitative Data on Security Incidents," ares, pp.325-334, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.