 Managing Information System Security Under Continuous and Abrupt DeteriorationAlain Bensoussan, Vijay Mookerjee and Wei T. Yue Production and Operations Management, 2020, vol. 29, issue 8, 1894-1917 Abstract: In this study, we focus on the maintenance of an intrusion detection system (IDS) that attempts to discriminate between benign and malicious traffic arriving at a firm. An attack is more likely to successfully harm the firm if the ability of its IDS to discriminate between malicious and benign traffic is low, implying loopholes or vulnerabilities in the firm’s security. A novel aspect of this study is the modeling of both continuous degradation in system discrimination ability (drift) and the arrival of abrupt shocks that can suddenly lower discrimination ability. We model shocks to arrive randomly and cause a random decrease in discrimination ability. Furthermore, we prove the existence of a steady‐state level of discrimination ability that firms should strive to reach and maintain. When discrimination ability is below this steady‐state level, full effort must be exerted to reach it. We also compare our model with alternative settings, examine the impact of parameter estimation error, and study scenarios in which the arrival rate of malicious traffic is a function of the steady‐state discrimination ability chosen by the firm. Date: 2020 Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:bla:popmgt:v:29:y:2020:i:8:p:1894-1917 Ordering information: This journal article can be ordered from Access Statistics for this article Production and Operations Management is currently edited by Kalyan Singhal More articles in Production and Operations Management from Production and Operations Management Society |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.