How squeaky are your wheels? - measuring the health of a user population presented at Virus Bulletin 2002

by John Alexander (Wells fargo),

Tags: Security


Summary : " This paper will discuss a specific analysis of desktop-based virus
alerts conducted within our company, and some of the conclusions that
were drawn from it. We were interested in knowing what made some users
more likely than other users to encounter a virus.

Who are your `squeaky' wheels?
What makes them `squeaky'?
How do users become more or less `squeaky'?

These are the questions we started with, but these quickly led to
others as the implications of our findings opened new topics of
discussion. Indeed, the very definition of `squeak' itself became a
very meaningful metric.

As this paper describes the analysis process we followed, it will
attempt to generalize the techniques and issues for use by other
domains. It will discuss the construction of a vendor-independent
metric for the health of a domain based on desktop alerting, and how
to classify users into infection rate populations based upon their
relative frequency of anti-virus detection alerts. This will then be
followed with a discussion of how to identify shifts in user
populations and infection trends over time.

In conclusion, this paper will touch on how this type of analysis can
be used to shape the communication process within your environment, as
well as how to manage your helpdesk response resources more