Please use this identifier to cite or link to this item: http://hdl.handle.net/11189/4800
Title: The role of intrusion detection systems in electronic information security: From the activity theory perspective
Authors: Mlitwa, Nhlanhla Boyfriend Wilton
Birch, Dwain
Keywords: Data security;Computer crime;Access control;Intrusion detection systems;Security as work-activity;Security threats;Vulnerability
Issue Date: 2011
Publisher: Emerald
Source: Nhlanhla Boyfriend Wilton Mlitwa, Dwain Birch (2011), "The role of intrusion detection systems in electronic information security", Journal of Engineering, Design and Technology, Vol. 9 Iss 3, pp. 296-312. Permanent link to this document: http://dx.doi.org/10.1108/17260531111179915
Abstract: Purpose – The purpose of this paper is to investigate the effectiveness of intrusion detection systems as an access control supplement in protecting electronic information resources and networks in information-centric organisations. The study focuses on the strengths and vulnerabilities of intrusion detection systems (IDSs). Design/methodology/approach – A qualitative case study is conducted with a retail organisation, and an educational institution in Cape Town, South Africa. Using purposive sampling, interviews are held with network administrators of sample institutions to unpack security priorities and the functionalities of IDSs, the significance of the system in concept, whether it is understood within network departments, the cost factor, and its value in securing networks against all possible security challenges. The activity theory is applied as a lens to understanding the security process, and to inform future security frameworks and research initiatives. Findings – The findings are clear. Although IDSs have vulnerabilities, they offer an added cushion to conventional network access control efforts. Access control, for example, guards the gate but IDSs are the watchdogs in your yard, and IDS closes a gap in a network security that only IDSs can. It alerts you of a potential attacker, enabling you to respond promptly, in whichever way you like. It does, however, require deliberate reaction against a detected intrusion to be effective, but remains a useful security tool that should become standard to all network security initiatives. A framework presenting network security as a work activity – with actors who are guided by goals – is offered to guide planning, implementations of network security and further research in future. Originality/value – Security awareness is crucial to effective e-citizenry, but complacency could be a threat. As a unique contribution, the paper presents an activity-theory work-activity framework of analysing network security. Further, the paper presents original, industry-specific interview findings, raising awareness that existing security measures need to be viewed as a continuous work-activity whose planning and implementations are embedded on goals and processes towards pursued outcomes. Access controls themselves should be monitored. They should be supplemented by effective intrusion detection systems if unauthorised access is to be effectively minimised.
URI: http://dx.doi.org/10.1108/17260531111179915
http://hdl.handle.net/11189/4800
Appears in Collections: FID - Journal Articles (DHET subsidised)

Files in This Item:
File: Mlitwa_Nhlanhla_Boyfriend_Wilton_Birch_Dwain_FID_2011.pdf
Description: Main Article
Size: 355.76 kB
Format: Adobe PDF
This item is licensed under a Creative Commons License.