Vulnerability Assessment, Intrusion Detection and Prevention for Management Information System

C. L. Wu

ABSTRACT

Networks have become very important for conducting business in government, industry, and academic organizations. Networked systems allow access to needed information rapidly, improve communications while reducing costs, enable collaboration with partners, provide better customer services, and conduct electronic commerce. Organizations have moved to client-server architectures where servers and workstations communicate through networks. While computer networks revolutionize the way business is done, the risks they introduce can be fatal. Attacks on networks can lead to lost money, time, products, reputation, sensitive information, and even lives. Information protection decisions are often incomplete or ineffective because they are based on the organization's prior experience with vulnerabilities and current threats. While managing information security risks and vulnerabilities help ensure that information protection strategies are appropriate, most risk assessments are incomplete, or are conducted by external consultants who have little knowledge of the organization's unique requirements.

KEYWORDS: Management information system、intrusion detection、information security risk、firewall、computer crisis management。

Assistant Professor Chia-Long Wu is in the Department of Aviation Communication & Electronics, Chinese Air Force Technology, Taiwan, R.O.C. (chialongwu@seed.net.tw).

© 2007 Crisis Management Society, Taiwan, R.O.C. Manuscript received 7, November,2006; accepted 23, March, 2007                                                               JCM070900725IFS