Skip to content
University of Maryland LibrariesDigital Repository at the University of Maryland
    • Login
    View Item 
    •   DRUM
    • Theses and Dissertations from UMD
    • UMD Theses and Dissertations
    • View Item
    •   DRUM
    • Theses and Dissertations from UMD
    • UMD Theses and Dissertations
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    A Public Health Modeling Based Approach to Information Security Quantification

    Thumbnail
    View/Open
    Condon_umd_0117E_16207.pdf (2.691Mb)
    No. of downloads: 532

    Date
    2015
    Author
    Condon, Edward
    Advisor
    Cukier, Michel
    DRUM DOI
    https://doi.org/10.13016/M21334
    Metadata
    Show full item record
    Abstract
    Modeling the occurrence of computer security incidents within a defined population of computers can be used to help understand some of factors contributing to risk and transmission of these incidents among the population. A better understanding of these factors can be used to determine appropriate intervention actions that can be applied to the population, which may also be evaluated through the application of models. Explanatory models attempt to include and account for various primary factors that affect the occurrence of computer security incidents. Models based on observed security incidents may also be used to evaluate interventions even when explanatory models may not exist or may be difficult to formulate or express for a particular incident type. Forecasting models can be used to project the occurrence of incidents in the future and these projections can be compared to actual observations before and after interventions are applied. The following aspects of modeling computer security incidents are explored: (1) the presentation and discussion of adapting some commonly used infectious disease models for modeling the spread of some types of computer security incidents along with applicable intervention actions; (2) an illustration of how these types of models could be applied to making resource allocation decisions regarding intervention efforts; (3) the presentation and comparison of models that can be used for tracking/forecasting security incidents and monitoring the impact of interventions; (4) the presentation of a method for estimating model features and parameter distributions from observed data; and (5) the exploration of some population characteristics and models for evaluating where to focus or target intervention actions. When resources for responding to or preventing computer security incidents are limited or constrained, the ability to accurately model and evaluate intervention actions can be a useful tool for making the most of these resources.
    URI
    http://hdl.handle.net/1903/16777
    Collections
    • Mechanical Engineering Theses and Dissertations
    • UMD Theses and Dissertations

    DRUM is brought to you by the University of Maryland Libraries
    University of Maryland, College Park, MD 20742-7011 (301)314-1328.
    Please send us your comments.
    Web Accessibility
     

     

    Browse

    All of DRUMCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsThis CollectionBy Issue DateAuthorsTitlesSubjects

    My Account

    LoginRegister
    Pages
    About DRUMAbout Download Statistics

    DRUM is brought to you by the University of Maryland Libraries
    University of Maryland, College Park, MD 20742-7011 (301)314-1328.
    Please send us your comments.
    Web Accessibility