[unisog] Costs of network abuse

Martin, James E. martin at more.net
Wed Oct 16 14:58:04 GMT 2002

Anyone know of a good detailed open work on the cost of handling security events in an academic environment? 

I'm aware of the Big Ten Universities' Incident Cost Analysis Modeling Project. The I-CAMP-II report came out in 2000 (see http://www.usenix.org/publications/login/1999-6/icamp.html for contact info). There's also the Dittrich article at http://online.securityfocus.com/infocus/1592. 

What are others using to build their models? Has anyone reduced this to the point of providing a spreadsheet or secured web form for victims to fill out for individual security events, with tracking over time to factor in history and costs of a network? Currently, our help desk app allows up to track our own time for a downstream network, easily extract two years' history (and our CSIRT time costs, and search archives to get another five years, but I don't have a good model/tool for modelling the victim end.


James E. Martin                           
MOREnet Network Security Coordinator 
University of Missouri System                     
voice: 573-884-7200   fax: 573-884-6673

-----Original Message-----
From: Albert Lunde [mailto:Albert-Lunde at northwestern.edu]
Sent: Tuesday, October 15, 2002 4:04 PM
To: unisog at sans.org
Subject: Re: [unisog] Academic Freedom


There's an economic basis to most netiquette principles, (though
sometimes they are aimed at protecting time rather than money.)

Looking at the concrete costs of network abuse yields specfic
rebuttals to confusing it with freedom, academic or otherwise.

    Albert Lunde          Albert-Lunde at northwestern.edu (new address)
                          Albert-Lunde at nwu.edu (old address)

More information about the unisog mailing list