Analysis of Computer Security Incident Data Using Time Series Models

TitleAnalysis of Computer Security Incident Data Using Time Series Models
Publication TypeConference Papers
Year of Publication2008
AuthorsCondon E, He A, Cukier M
Date Published2008/11//
KeywordsComputer networks, computer security incident data, NETWORK SECURITY, resource allocation, security of data, telecommunication security, time series, time series model

Organizations face increasing challenges in addressing and preventing computer and network security incidents. There are financial consequences from security incidents. These include lost time and resources used during recovery, possible theft of personal and/or proprietary information, and reputational damage that may negatively impact stock prices or reduce consumer confidence in a company. Being able to understand and predict trends in computer and network security incidents can aid an organization with resource allocation for prevention of such incidents, as well as evaluation of mitigation strategies. We look at using time series models with a large set of security incident data. We examine appropriateness of the data for modeling and consider needed transformations. Parameter search and model selection criteria are discussed. Then, forecasts from time series models are compared to forecasts from Non-Homogeneous Poisson Process (NHPP) software reliability growth (SRG) models.