Abstract
An important requirement of an intrusion detection system (IDS) is that it be effective and efficient; that is, it should detect a large percentage of intrusions, while still keeping the false alarm rate at an acceptable level. In order to meet this requirement, the model and algorithm used by the IDS need to be calibrated or configured. The optimal configuration depends on several factors. The first factor is the quality profile of the IDS as indicated by its ROC (receiver operating characteristics), curve that relates the detection accuracy and the false alarm rate. The shape of the ROC curve depends on the detection technology used by the IDS. The second factor is the cost structure of the firm using the IDS. The third factor is the strategic behavior of hackers. A hacker’s behavior is influenced by the likelihood that (s)he will be caught, which, in turn, is dependent on the configuration of the IDS. In this article, we present an economic optimization model based on game theory that provides insights into optimal configuration of IDS. We present analytical as well as computational results. Our work extends the growing literature on the economics of information security. The main innovation of our approach is the inclusion of strategic interactions between IDS, firm, and hackers in the determination of optimal configuration and algorithm to do so.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
