THE METHODOLOGY FOR DETECTING AND MANAGING THE ABUSE OF IT SYSTEMS

Mirosław Ryba, Józef Sulwiński, Aleksander Poniewierski

Abstract


This paper focuses on the processes of dealing with security breaches, which are becoming one of the most pressing problems in every organization whose systems are connected to the global web. The study presents the most widely used methodologies, which were designed to detect and react to security violations in a systematic and efficient way. Based on the presented methodologies, announced and supported by such credible organizations as SANS, NIST, CERT® or ISO, the authors present their own methodology. It takes into account selected aspects of these methodologies, with the purpose of creating a systematic and coherent approach to the process of detecting and reacting to abuses in IT systems.

Keywords


Incident handling; security breach; SANS; NIST; CERT; ISO

DOI: https://doi.org/10.7494/csci.2008.9.3.121
