Title: Data leakage triage: quantitative measure of effectiveness of containment plan

Authors: Jonathan Pan

Addresses: Wee Kim Wee School of Communication and Information, Nanyang Technological University, Singapore

Abstract: Increasingly organisations' deployed security defences are challenged by persistent malware attacks. There are many risks induced by successful malicious assaults against an organisation. One of the significant risks is data leakage. This risk has significant impacts to organisations and nations. To mitigate the likely occurrence of such risk, adequate preparation and response are needed. Epidemiological modelling of such malware outbreaks can aid in the development of mitigation plans. Most of these models used the number of infected hosts or time duration to analyse malware behaviours or the effectiveness of response plan. This paper proposes an extension of the agent-based malware containment model (AMCM) to provide a quantitative measurement of the amount of data leakage from malware infected hosts in order to evaluate the effectiveness of the response containment plan. It is believed that this form of measurement will enhance the preparation of incident response plans to deal with malware outbreak.

Keywords: malware containment; agent-based modelling; malware incident response planning; data leakage triage; quantitative measures; containment plans; security; agent-based systems; multi-agent systems; MAS; malware attacks; epidemiological modelling.

DOI: 10.1504/IJICS.2015.073032

International Journal of Information and Computer Security, 2015 Vol.7 No.2/3/4, pp.240 - 254

Accepted: 22 Jul 2015
Published online: 12 Nov 2015 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article