Show simple item record

A Public Health Modeling Based Approach to Information Security Quantification

dc.contributor.advisorCukier, Michelen_US
dc.contributor.authorCondon, Edwarden_US
dc.date.accessioned2015-07-17T05:31:15Z
dc.date.available2015-07-17T05:31:15Z
dc.date.issued2015en_US
dc.identifierhttps://doi.org/10.13016/M21334
dc.identifier.urihttp://hdl.handle.net/1903/16777
dc.description.abstractModeling the occurrence of computer security incidents within a defined population of computers can be used to help understand some of factors contributing to risk and transmission of these incidents among the population. A better understanding of these factors can be used to determine appropriate intervention actions that can be applied to the population, which may also be evaluated through the application of models. Explanatory models attempt to include and account for various primary factors that affect the occurrence of computer security incidents. Models based on observed security incidents may also be used to evaluate interventions even when explanatory models may not exist or may be difficult to formulate or express for a particular incident type. Forecasting models can be used to project the occurrence of incidents in the future and these projections can be compared to actual observations before and after interventions are applied. The following aspects of modeling computer security incidents are explored: (1) the presentation and discussion of adapting some commonly used infectious disease models for modeling the spread of some types of computer security incidents along with applicable intervention actions; (2) an illustration of how these types of models could be applied to making resource allocation decisions regarding intervention efforts; (3) the presentation and comparison of models that can be used for tracking/forecasting security incidents and monitoring the impact of interventions; (4) the presentation of a method for estimating model features and parameter distributions from observed data; and (5) the exploration of some population characteristics and models for evaluating where to focus or target intervention actions. When resources for responding to or preventing computer security incidents are limited or constrained, the ability to accurately model and evaluate intervention actions can be a useful tool for making the most of these resources.en_US
dc.language.isoenen_US
dc.titleA Public Health Modeling Based Approach to Information Security Quantificationen_US
dc.typeDissertationen_US
dc.contributor.publisherDigital Repository at the University of Marylanden_US
dc.contributor.publisherUniversity of Maryland (College Park, Md.)en_US
dc.contributor.departmentReliability Engineeringen_US
dc.subject.pqcontrolledEngineeringen_US
dc.subject.pqcontrolledEpidemiologyen_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record