Modeling system audit as a sequential test with discovery as a failure time endpoint

Craig Wright; Tanveer Zia

Modeling system audit as a sequential test with discovery as a failure time endpoint

Research output: Book chapter/Published conference paper › Conference paper › peer-review

Abstract

Combining hazard models with SIR (Susceptible-Infected-Removed) epidemic modeling provides a means of calculating the optimal information systems audit strategy. Treating audit as a sequential test allows for the introduction of censoring techniques that enable the estimation of benefits from divergent audit strategies. This process can be used to gauge the economic benefits of these strategies in the selection of an optimal audit process designed to maximize the detection of compromised or malware infected hosts.

Original language	English
Title of host publication	Proceedings of the 2012 International Conference on Electronics, Information and Communication Engineering (EICE 2012)
Place of Publication	Germany
Publisher	Springer
Pages	1-11
Number of pages	11
Publication status	Published - 2012
Event	2011 International Conference on Business Intelligence and Financial Engineering: ICBIFE 2011 - Hong Kong, Hong Kong Duration: 12 Dec 2011 → 13 Dec 2011

Conference

Conference	2011 International Conference on Business Intelligence and Financial Engineering
Country/Territory	Hong Kong
Period	12/12/11 → 13/12/11

Cite this

@inproceedings{4340a9bfc8eb433c83321e15a187585e,

title = "Modeling system audit as a sequential test with discovery as a failure time endpoint",

abstract = "Combining hazard models with SIR (Susceptible-Infected-Removed) epidemic modeling provides a means of calculating the optimal information systems audit strategy. Treating audit as a sequential test allows for the introduction of censoring techniques that enable the estimation of benefits from divergent audit strategies. This process can be used to gauge the economic benefits of these strategies in the selection of an optimal audit process designed to maximize the detection of compromised or malware infected hosts.",

keywords = "Epidemic modeling, Failure intensity, Hazard, Modeling, Non-homogeneous Poisson process (NHPP), SIR (Susceptible-Infected-Removed)",

author = "Craig Wright and Tanveer Zia",

note = "Imported on 03 May 2017 - DigiTool details were: publisher = Germany: Springer, 2012. editor/s (773b) = Nian Zhang, Minli Dai; Event dates (773o) = 12-13 December 2011; Parent title (773t) = International Conference on Business Intelligence and Financial Engineering (ICBIFE).; 2011 International Conference on Business Intelligence and Financial Engineering : ICBIFE 2011 ; Conference date: 12-12-2011 Through 13-12-2011",

year = "2012",

language = "English",

pages = "1--11",

booktitle = "Proceedings of the 2012 International Conference on Electronics, Information and Communication Engineering (EICE 2012)",

publisher = "Springer",

address = "United States",

}

TY - GEN

T1 - Modeling system audit as a sequential test with discovery as a failure time endpoint

AU - Wright, Craig

AU - Zia, Tanveer

N1 - Imported on 03 May 2017 - DigiTool details were: publisher = Germany: Springer, 2012. editor/s (773b) = Nian Zhang, Minli Dai; Event dates (773o) = 12-13 December 2011; Parent title (773t) = International Conference on Business Intelligence and Financial Engineering (ICBIFE).

PY - 2012

Y1 - 2012

N2 - Combining hazard models with SIR (Susceptible-Infected-Removed) epidemic modeling provides a means of calculating the optimal information systems audit strategy. Treating audit as a sequential test allows for the introduction of censoring techniques that enable the estimation of benefits from divergent audit strategies. This process can be used to gauge the economic benefits of these strategies in the selection of an optimal audit process designed to maximize the detection of compromised or malware infected hosts.

AB - Combining hazard models with SIR (Susceptible-Infected-Removed) epidemic modeling provides a means of calculating the optimal information systems audit strategy. Treating audit as a sequential test allows for the introduction of censoring techniques that enable the estimation of benefits from divergent audit strategies. This process can be used to gauge the economic benefits of these strategies in the selection of an optimal audit process designed to maximize the detection of compromised or malware infected hosts.

KW - Epidemic modeling

KW - Failure intensity

KW - Hazard

KW - Modeling

KW - Non-homogeneous Poisson process (NHPP)

KW - SIR (Susceptible-Infected-Removed)

M3 - Conference paper

SP - 1

EP - 11

BT - Proceedings of the 2012 International Conference on Electronics, Information and Communication Engineering (EICE 2012)

PB - Springer

CY - Germany

T2 - 2011 International Conference on Business Intelligence and Financial Engineering

Y2 - 12 December 2011 through 13 December 2011

ER -

Modeling system audit as a sequential test with discovery as a failure time endpoint

Abstract

Conference

Fingerprint

Cite this