2011 Sixth International Conference on IT Security Incident Management and IT Forensics (2011)
May 10, 2011 to May 12, 2011
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/IMF.2011.10
Predicting security incidents and forecasting risk are two essential duties when designing an enterprise security system. Based on a quantitative risk assessment technique arising from an an attacker-defender model, we propose a Bayesian learning strategy to continuously update the quality of protection and forecast the decision-theoretic risk. Evidence for or against the security of particular system components can be obtained from various sources, including security patches, software updates, scientific or industrial research result notifications retrieved through RSS feeds. Using appropriate stochastic distribution models, we obtain closed-form expressions (formulas) for the times when to expect the next security incident and when a re-consideration of a security system or component becomes advisable.
Decision-theory, Risk-management, Risk forecasting, Bayesian learning, System security
S. Rass, "Towards a Rapid-Alert System for Security Incidents," 2011 Sixth International Conference on IT Security Incident Management and IT Forensics(IMF), Stuttgart, Germany, 2011, pp. 122-136.