Title :
Applying Software Reliability Models on Security Incidents
Author :
Condon, Edward ; Cukier, Michel ; He, Tao
Author_Institution :
Univ. of Maryland, College Park
Abstract :
Computer and network security incidents have increasing financial consequences as demand for network accessibility and connectivity to resources continues to rise. These security incidents can lead to direct financial losses either through data theft of personal and/or proprietary information as well as a reputational damage which may negatively impact stock prices or consumer confidence in a company. This paper examines a large set of security incident data using tools from the software reliability community. We look at applying Non-Homogenous Poisson Process (NHPP) models as a method for describing the reliability growth process. We examine the full set of incidents as well as subsets of the data based on incident types. We look at using the Laplace test to guide selection of the appropriate models. Then, based on the trend results, we apply various NHPP models (i.e., Goel-Okumutu, S-Shaped, Duane, and K-Stage Curve) to illustrate the relevance of using these models to fit the incident data and to predict future incidents.
Keywords :
security of data; software reliability; computer security incidents; consumer confidence; data theft; network security incidents; nonhomogenous Poisson process; reliability growth process; reputational damage; software reliability; stock prices; Computer network reliability; Computer security; Context modeling; Data security; Helium; Information security; Predictive models; Reliability engineering; Software reliability; Testing;
Conference_Titel :
Software Reliability, 2007. ISSRE '07. The 18th IEEE International Symposium on
Conference_Location :
Trollhattan
Print_ISBN :
978-0-7695-3024-6
DOI :
10.1109/ISSRE.2007.29
