Collection of Quantitative Data on Security Incidents

Vienna, Austria April 10-April 13

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ARES.2007.57

The Second International Conference o ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Thomas Nowey Articles by Hannes Federrath

	ASCII Text	x
	Thomas Nowey, Hannes Federrath, "Collection of Quantitative Data on Security Incidents," Availability, Reliability and Security, International Conference on, pp. 325-334, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007.

	BibTex	x
	@article{ 10.1109/ARES.2007.57, author = {Thomas Nowey and Hannes Federrath}, title = {Collection of Quantitative Data on Security Incidents}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2007}, isbn = {0-7695-2775-2}, pages = {325-334}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2007.57}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - Collection of Quantitative Data on Security Incidents SN - 0-7695-2775-2 SP325 EP334 A1 - Thomas Nowey, A1 - Hannes Federrath, PY - 2007 KW - null VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

Thomas Nowey, University of Regensburg Germany

Hannes Federrath, University of Regensburg Germany

Quantitative data about security threats is a precondition for a precise assessment of security risks and consequently for an efficient management of information security. Currently such data is hardly available, especially for small and medium-sized organizations. In this paper we discuss different ways of gathering quantitative data and present a new approach for the collection of historical data on security incidents. We propose a platform that collects, aggregates and evaluates data on security incidents from multiple organizations. We identify basic requirements for such a platform and show approaches for satisfying them. We especially emphasize the aspects of security and fairness. Finally we introduce a prototype that shows how an implementation could look like.

Citation:

Thomas Nowey, Hannes Federrath, "Collection of Quantitative Data on Security Incidents," ares, pp.325-334, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.