IDEAS home Printed from https://ideas.repec.org/a/inm/orisre/v16y2005i1p28-46.html
   My bibliography  Save this article

The Value of Intrusion Detection Systems in Information Technology Security Architecture

Author

Listed:
  • Huseyin Cavusoglu

    (A. B. Freeman School of Business, Tulane University, 7 McAlister Drive, Goldring/Woldenberg Hall, New Orleans, Louisiana 70118)

  • Birendra Mishra

    (School of Management, University of Texas at Dallas, Richardson, Texas 75083, and Anderson Graduate School of Management, University of California, Riverside, Riverside, California 92521)

  • Srinivasan Raghunathan

    (School of Management, University of Texas at Dallas, Richardson, Texas 75083)

Abstract

The increasing significance of information technology (IT) security to firms is evident from their growing IT security budgets. Firms rely on security technologies such as firewalls and intrusion detection systems (IDSs) to manage IT security risks. Although the literature on the technical aspects of IT security is proliferating, a debate exists in the IT security community about the value of these technologies. In this paper, we seek to assess the value of IDSs in a firm’s IT security architecture. We find that the IDS configuration, represented by detection (true positive) and false alarm (false positive) rates, determines whether a firm realizes a positive or negative value from the IDS. Specifically, we show that a firm realizes a positive value from an IDS only when the detection rate is higher than a critical value, which is determined by the hacker’s benefit and cost parameters. When the firm realizes a positive (negative) value, the IDS deters (sustains) hackers. However, irrespective of whether the firm realizes a positive or negative value from the IDS, the IDS enables the firm to better target its investigation of users, while keeping the detection rate the same. Our results suggest that the positive value of an IDS results not from improved detection per se, but from an increased deterrence enabled by improved detection. Finally, we show that the firm realizes a strictly nonnegative value if the firm configures the IDS optimally based on the hacking environment.

Suggested Citation

  • Huseyin Cavusoglu & Birendra Mishra & Srinivasan Raghunathan, 2005. "The Value of Intrusion Detection Systems in Information Technology Security Architecture," Information Systems Research, INFORMS, vol. 16(1), pages 28-46, March.
    • Handle: RePEc:inm:orisre:v:16:y:2005:i:1:p:28-46
    DOI: 10.1287/isre.1050.0041
    as

    Download full text from publisher

    File URL: http://dx.doi.org/10.1287/isre.1050.0041
    Download Restriction: no
    File URL: https://libkey.io/10.1287/isre.1050.0041?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    References listed on IDEAS

    as
    1. Gary S. Becker, 1974. "Crime and Punishment: An Economic Approach," NBER Chapters, in: Essays in the Economics of Crime and Punishment, pages 1-54, National Bureau of Economic Research, Inc.
    2. Mookherjee, Dilip & Png, I P L, 1992. "Monitoring vis-a-vis Investigation in Enforcement of Law," American Economic Review, American Economic Association, vol. 82(3), pages 556-565, June.
    3. Gustav Feichtinger, 1983. "A Differential Games Solution to a Model of Competition Between a Thief and the Police," Management Science, INFORMS, vol. 29(6), pages 686-699, June.
    4. Mishra, Birendra K. & Paul Newman, D. & Stinson, Christopher H., 1997. "Environmental regulations and incentives for compliance audits," Journal of Accounting and Public Policy, Elsevier, vol. 16(2), pages 187-214.
    5. George J. Stigler, 1974. "The Optimum Enforcement of Laws," NBER Chapters, in: Essays in the Economics of Crime and Punishment, pages 55-67, National Bureau of Economic Research, Inc.
    6. Suresh P. Sethi, 1979. "Optimal Pilfering Policies for Dynamic Continuous Thieves," Management Science, INFORMS, vol. 25(6), pages 535-542, June.
    7. Shavell, Steven, 1991. "Specific versus General Enforcement of Law," Journal of Political Economy, University of Chicago Press, vol. 99(5), pages 1088-1108, October.
    8. Ronald A. Dye, 1986. "Optimal Monitoring Policies in Agencies," RAND Journal of Economics, The RAND Corporation, vol. 17(3), pages 339-350, Autumn.
    9. Polinsky, Mitchell & Shavell, Steven, 1979. "The Optimal Tradeoff between the Probability and Magnitude of Fines," American Economic Review, American Economic Association, vol. 69(5), pages 880-891, December.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Huseyin Cavusoglu & Byungwan Koh & Srinivasan Raghunathan, 2010. "An Analysis of the Impact of Passenger Profiling for Transportation Security," Operations Research, INFORMS, vol. 58(5), pages 1287-1302, October.
    2. Bose, Pinaki, 1995. "Anticipatory compliance and effective regulatory activity," International Review of Law and Economics, Elsevier, vol. 15(2), pages 151-159, June.
    3. Huseyin Cavusoglu & Young Kwark & Bin Mai & Srinivasan Raghunathan, 2013. "Passenger Profiling and Screening for Aviation Security in the Presence of Strategic Attackers," Decision Analysis, INFORMS, vol. 10(1), pages 63-81, March.
    4. Avner Bar-Ilan & Bruce Sacerdote, 2001. "The Response to Fines and Probability of Detection in a Series of Experiments," NBER Working Papers 8638, National Bureau of Economic Research, Inc.
    5. A. Mitchell Polinsky & Steven Shavell, 2009. "Public Enforcement of Law," Chapters, in: Nuno Garoupa (ed.), Criminal Law and Economics, chapter 1, Edward Elgar Publishing.
    6. Antonio Acconcia & Marcello D'Amato & Riccardo Martina, 2003. "Corruption and Tax Evasion with Competitive Bribes," CSEF Working Papers 112, Centre for Studies in Economics and Finance (CSEF), University of Naples, Italy.
    7. Kantorowicz-Reznichenko Elena, 2015. "Day-Fines: Should the Rich Pay More?," Review of Law & Economics, De Gruyter, vol. 11(3), pages 481-501, November.
    8. Marcel Boyer & Tracy R. Lewis & Wei Lin Liu, 2000. "Setting standards for credible compliance and law enforcement," Canadian Journal of Economics, Canadian Economics Association, vol. 33(2), pages 319-340, May.
    9. Crinò, Rosario & Immordino, Giovanni & Piccolo, Salvatore, 2019. "Marginal deterrence at work," Journal of Economic Behavior & Organization, Elsevier, vol. 166(C), pages 586-612.
    10. Steven Shavell & A. Mitchell Polinsky, 2000. "The Economic Theory of Public Enforcement of Law," Journal of Economic Literature, American Economic Association, vol. 38(1), pages 45-76, March.
    11. Kaplow, Louis & Shavell, Steven, 1994. "Optimal Law Enforcement with Self-Reporting of Behavior," Journal of Political Economy, University of Chicago Press, vol. 102(3), pages 583-606, June.
    12. Antonio Acconcia & Marcello D'Amato & Riccardo Martina, 2003. "Tax Evasion and Corruption in Tax Administration," Public Economics 0310001, University Library of Munich, Germany.
    13. Joanne Roberts, 2000. "Plea Bargaining with Budgetary Constraints and Deterrence," Working Papers jorob-00-01, University of Toronto, Department of Economics.
    14. Polinsky, A. Mitchell & Shavell, Steven, 2007. "The Theory of Public Enforcement of Law," Handbook of Law and Economics, in: A. Mitchell Polinsky & Steven Shavell (ed.), Handbook of Law and Economics, edition 1, volume 1, chapter 6, pages 403-454, Elsevier.
    15. Eide, Erling & Rubin, Paul H. & Shepherd, Joanna M., 2006. "Economics of Crime," Foundations and Trends(R) in Microeconomics, now publishers, vol. 2(3), pages 205-279, December.
    16. Feess, Eberhard & Wohlschlegel, Ansgar, 2009. "Why higher punishment may reduce deterrence," Economics Letters, Elsevier, vol. 104(2), pages 69-71, August.
    17. Innes, Robert, 1999. "Remediation and self-reporting in optimal law enforcement," Journal of Public Economics, Elsevier, vol. 72(3), pages 379-393, June.
    18. Steven Shavell, 2003. "Economic Analysis of Public Law Enforcement and Criminal Law," NBER Working Papers 9698, National Bureau of Economic Research, Inc.
    19. Jost, Peter-J, 2001. "Crime, coordination, and punishment: An economic analysis," International Review of Law and Economics, Elsevier, vol. 21(1), pages 23-46, March.
    20. Rasmusen, Eric, 1995. "How optimal penalties change with the amount of harm," International Review of Law and Economics, Elsevier, vol. 15(1), pages 101-108, January.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:inm:orisre:v:16:y:2005:i:1:p:28-46. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Chris Asher (email available below). General contact details of provider: https://edirc.repec.org/data/inforea.html .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.