| ¡¡ | Chinese Journal of Computers Full Text |
| Title | Evaluation Model of Information Security Technologies Based on Game Theoretic |
| Authors | ZHU Jian-Ming1) Srinivasan Raghunathan2) |
| Address | 1)(School of Information, Central University of Finance and Economics, Beijing 100081) 2)(School of Management, University of Texas at Dallas, Richardson, Texas75083, USA) |
| Year | 2009 |
| Issue | No.4(828¡ª834) |
| Abstract & Background | Abstract Information security is more and more important in a firm¡¯s information systems. How to value the information security technologies is an important research issue recently. In this paper, the evaluation model of information security technologies is proposed based on game theory. And the information security technologies include firewall, intrusion detection system and intrusion tolerant which construct the three layers architecture. First, the value of intrusion detection system is presented. Then the relation between firewall, intrusion detection and intrusion tolerant is analyzed. It is found that the detection rate and false alarm rate are affected by the performance of the firewall. Research results show that the configuration of the information security technologies determines whether these technologies realized a positive or negative value. Intrusion tolerant is determined by the loss incurred by intrusion, the cost of the redundancy of the system, and performance of firewall and intrusion detection. It is important to a firm by optimal configuration for information security technologies. Keywords information security; intrusion detection; evaluation; game theory Background The increasing significance of information security to firms is evident from their growing IT security budgets. Firms rely on security technologies such as firewalls and intrusion detection systems (IDSs) to manage IT security risks. Although the literature on the technical aspects of IT security is proliferating, a debate exists in the IT security community about the value of these technologies. The research on these issues has become a new field, which called economics of information security. In this research, the professors in University of Texas at Dallas go ahead and they have published several important papers. The primary goal of IT security is balancing the conflicting needs of information protection and information access. To achieve this goal, firms typically deploy several different information security technologies. The deployment of multiple technologies makes configuration challenging and how to achieve the optimal benefit is a difficult problem. In this paper, the three layers architecture including firewall, intrusion detection and intrusion tolerant is discussed firstly. Majority of the earlier literature is on intrusion detection. Game theory is a strong tools to provide the mathematical framework for analysis, modeling, decision, and control processes for information security and intrusion detection. So research on the evaluation model of information security technologies is based on game theoretic. This research is supported by supported by the National Natural Science Foundation of China (grant Nos.60573035, 60673162, 60743005) and Beijing Natural Science Foundation (grant No.4082028). This paper presents the evaluation model of information security and they are a part of these projects. |