Intrusion detection response model based on cost-analysis

[1] Rebecca T Mercuri. Security watch: analyzing security costs[J]. Communications of the ACM,2003,46(6):15-18 [2] Bistarelli S, Fioravanti F, Peretti P. Defense trees for economic evaluation of security investments Proceedings of the First International Conference on Availability, Reliability and Security (ARES-06) IEEE.Los Alamitos: The IEEE Computer Society, 2006:416-423 [3] Cremonini M, Martini P. Evaluating information security investments from attackers perspective: the Return-On-Attack (ROA) Proceedings of the Fourth Workshop on the Economics of Information Security. Cambridge: ,2005 [4] Gordon L,Loeb M. The economics of information security investment[J]. ACM Transactions on Information and System Security,2002,5(4):438-457 [5] Gordon L,Loeb M.Budgeting process for information security expenditures[J]. Communications of the ACM,2006,49(1):121-125 [6] Cavusoglu H, Mishra B, Raghunathan S. A model for evaluating IT security investments[J].Communications of the ACM,2004,47(7):87-92 [7] Cavusoglu H, Mishra B, Raghunathan S.The value of IDS in IT security architecture[J].Information Systems Research,2005,19(1):28-46 [8] Wenke Lee, Wei Fan, Matthew Miller,et al. Toward cost-sensitive modeling for intrusion detection and response[J].Journal of Computer Security,2002,10:5-22 [9] McHugh J, Christie A.C, Allen J. Defending yourself: The role of intrusion detection systems[J]. IEEE Software,2000,17(5):42-51 [10] NIST Publication 800-12.1996. An Introduction to Computer Security[S] [11] NorthcuttS.Intrusion detection:an analyst-handbook[M].Indianapolis: New Riders Publishing ,1999