Premium
Managing Information System Security Under Continuous and Abrupt Deterioration
Author(s) -
Bensoussan Alain,
Mookerjee Vijay,
Yue Wei T.
Publication year - 2020
Publication title -
production and operations management
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 3.279
H-Index - 110
eISSN - 1937-5956
pISSN - 1059-1478
DOI - 10.1111/poms.13198
Subject(s) - harm , computer science , intrusion , focus (optics) , function (biology) , computer security , steady state (chemistry) , econometrics , economics , law , chemistry , physics , geochemistry , optics , evolutionary biology , political science , biology , geology
In this study, we focus on the maintenance of an intrusion detection system (IDS) that attempts to discriminate between benign and malicious traffic arriving at a firm. An attack is more likely to successfully harm the firm if the ability of its IDS to discriminate between malicious and benign traffic is low, implying loopholes or vulnerabilities in the firm’s security. A novel aspect of this study is the modeling of both continuous degradation in system discrimination ability (drift) and the arrival of abrupt shocks that can suddenly lower discrimination ability. We model shocks to arrive randomly and cause a random decrease in discrimination ability. Furthermore, we prove the existence of a steady‐state level of discrimination ability that firms should strive to reach and maintain. When discrimination ability is below this steady‐state level, full effort must be exerted to reach it. We also compare our model with alternative settings, examine the impact of parameter estimation error, and study scenarios in which the arrival rate of malicious traffic is a function of the steady‐state discrimination ability chosen by the firm.