A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior
IEEE Transactions on Software Engineering
Testing and evaluating computer intrusion detection systems
Communications of the ACM
Estimating campaign benefits and modeling lift
KDD '99 Proceedings of the fifth ACM SIGKDD international conference on Knowledge discovery and data mining
Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security
IEEE Transactions on Software Engineering
A Decision-Analytic Stopping Rule for Validation of Commercial Software Systems
IEEE Transactions on Software Engineering
The 1999 DARPA off-line intrusion detection evaluation
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Measuring lift quality in database marketing
ACM SIGKDD Explorations Newsletter - Special issue on “Scalable data mining algorithms”
ACM Transactions on Information and System Security (TISSEC)
Using information security as a response to competitor analysis systems
Communications of the ACM
Toward cost-sensitive modeling for intrusion detection and response
Journal of Computer Security
Measuring Real-Time Predictive Models
ICDM '01 Proceedings of the 2001 IEEE International Conference on Data Mining
Bayesian Models for Early Warning of Bank Failures
Management Science
NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems
NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems
Network externalities, layered protection and IT security risk management
Decision Support Systems
Evaluation of Intrusion Detection Systems Under a Resource Constraint
ACM Transactions on Information and System Security (TISSEC)
Intrusion Prevention in Information Systems: Reactive and Proactive Responses
Journal of Management Information Systems
Decision-Theoretic and Game-Theoretic Approaches to IT Security Investment
Journal of Management Information Systems
Investments in Information Security: A Real Options Perspective with Bayesian Postaudit
Journal of Management Information Systems
Decision Analysis
A Decision Analysis Approach to Solving the Signaling Game
Decision Analysis
Risks and Benefits of Signaling Information System Characteristics to Strategic Attackers
Journal of Management Information Systems
An Analysis of the Impact of Passenger Profiling for Transportation Security
Operations Research
A cost-based analysis of intrusion detection system configuration under active or passive response
Decision Support Systems
From the Editors---Games and Decisions in Reliability and Risk
Decision Analysis
IT security auditing: A performance evaluation decision model
Decision Support Systems
Journal of Computer Security
Hi-index | 0.00 |
Firms are increasingly relying on software to detect fraud in domains such as security, financial services, tax, and auditing. A fundamental problem in using detection software for fraud detection is achieving the optimal balance between the detection and false-positive rates. Many firms use decision theory to address the configuration problem. Decision theory is based on the presumption that the firm's actions do not influence the behavior of fraudsters. Game theory recognizes the fact that fraudsters do modify their strategies in response to firms' actions. In this paper, we compare decision and game theory approaches to the detection software configuration problem when firms are faced with strategic users. We find that under most circumstances firms incur lower costs when they use the game theory as opposed to the decision theory because the decision theory approach frequently either over- or underconfigures the detection software. However, firms incur the same or lower cost under the decision theory approach compared with the game theory approach in a simultaneous-move game if configurations under decision theory and game theory are sufficiently close. A limitation of the game theory approach is that it requires user-specific utility parameters, which are difficult to estimate. Decision theory, in contrast to game theory, requires the fraud probability estimate, which is more easily obtained.