Latest COVID-19 Information for Purdue University

The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Pascal Meunier - CERIAS

"The IRDB Project: An Incident Response Database For Gathering Cost And Incidence Information On Types of Security Events"

Aug 30, 2000

Download: Video Icon MP4 Video Size: 210.3MB  
Watch on Youtube Watch on YouTube


Information about the incidence of security breaches is difficult to obtain. Emergency situations are not favorable to the maintenance of records, the security breaches are embarrassing and possibly damaging, and disclosing information about the incidents may reveal some sensitive information. Moreover, the nature of the incident and its cause are not always fully known. Because of this, the frequency and cost is difficult to assess by type of incident.

The IRDB project attempts to provide a framework to record incident information and duration. Besides email and cost recording, it provides a dynamic classification of incidents. In the IRDB, incidents have a risk type and an attack type. The risk type expresses the consequences of the attack (e.g., root access). The attack type identifies kinds of attacks (e.g., SANS top ten). Each type is itself classified by properties. With this system, we hope that 1) organizations using the same type classification can directly share data; 2) organizations not using the same type classification can translate data based on the properties of the types; 3) statistical data from many different organizations can be assembled to present a coherent picture of incident costs and frequencies on a national scale. By making the type classification dynamic, it is hoped that the severity of future, currently unknown types of attacks can be rapidly assessed.

About the Speaker

Pascal Meunier
Pascal began managing the Vulnerabilities Database and Incident Response Database projects as a graduate student. He joined CERIAS in a research scientist capacity in May of this year. Pascal graduated from Purdue with a M.Sc. in computer sciences, which he added to his previous Ph.D. in Biophysics from the University of Qu

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52 (Suite 050B), West Lafayette Campus. More information...

Ways to Watch


Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!