An approach to the automated determination of host information value

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

5 Scopus citations

Abstract

Enterprise networks are comprised of thousands of interconnected computer hosts, each of which is capable of creating, removing, and exchanging data according to the needs of their users. Thus, the distribution of high-value, sensitive, and proprietary information across enterprise networks is poorly managed and understood. A significant technology gap in information security is the inability to automatically quantify the value of the information contained on each host in a network. Such insight would allow an enterprise to scale its defenses, react intelligently to an intrusion, manage its configuration audits, and understand the leak potential in the event that a host is compromised. This paper outlines a novel approach to the automated determination of the value of the information contained on a host computer. It involves the classification of each text document on the host machine using the frequency of the document's terms and phrases. A host information value is computed using an enterprise-defined weighting schema and applying it to a host's document distribution. The method is adaptable to specific organizational information needs, requires manual intervention only during schema creation, and is repeatable and consistent regardless of changes in information on the host machines.

Original languageEnglish
Title of host publicationIEEE SSCI 2011
Subtitle of host publicationSymposium Series on Computational Intelligence - CICS 2011: 2011 IEEE Symposium on Computational Intelligence in Cyber Security
Pages92-99
Number of pages8
DOIs
StatePublished - 2011
EventSymposium Series on Computational Intelligence, IEEE SSCI2011 - 2011 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2011 - Paris, France
Duration: Apr 11 2011Apr 15 2011

Publication series

NameIEEE SSCI 2011: Symposium Series on Computational Intelligence - CICS 2011: 2011 IEEE Symposium on Computational Intelligence in Cyber Security

Conference

ConferenceSymposium Series on Computational Intelligence, IEEE SSCI2011 - 2011 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2011
Country/TerritoryFrance
CityParis
Period04/11/1104/15/11

Keywords

  • cyber security risk management
  • document classification
  • host information value
  • information asset profiling
  • security informatics

Fingerprint

Dive into the research topics of 'An approach to the automated determination of host information value'. Together they form a unique fingerprint.

Cite this