A Retroactive-Burst Framework for Automated Intrusion Response System

المؤلفون المشاركون

Dagenais, Michel R.
Jabbarifar, Masoume
Desfossez, Julien
Shameli-Sendi, Alireza

المصدر

Journal of Computer Networks and Communications

العدد

المجلد 2013، العدد 2013 (31 ديسمبر/كانون الأول 2013)، ص ص. 1-8، 8ص.

الناشر

Hindawi Publishing Corporation

تاريخ النشر

2013-03-26

دولة النشر

مصر

عدد الصفحات

8

التخصصات الرئيسية

تكنولوجيا المعلومات وعلم الحاسوب

الملخص EN

The aim of this paper is to present an adaptive and cost-sensitive model to prevent security intrusions.

In most automated intrusion response systems, response selection is performed locally based on current threat without using the knowledge of attacks history.

Another challenge is that a group of responses are applied without any feedback mechanism to measure the response effect.

We address these problems through retroactive-burst execution of responses and a Response Coordinator (RC) mechanism, the main contributions of this work.

The retroactive-burst execution consists of several burst executions of responses with, at the end of each burst, a mechanism for measuring the effectiveness of the applied responses by the risk assessment component.

The appropriate combination of responses must be considered for each burst execution to mitigate the progress of the attack without necessarily running the next round of responses, because of the impact on legitimate users.

In the proposed model, there is a multilevel response mechanism.

To indicate which level is appropriate to apply based on the retroactive-burst execution, we get help from a Response Coordinator mechanism.

The applied responses can improve the health of Applications, Kernel, Local Services, Network Services, and Physical Status.

Based on these indexes, the RC gives a general overview of an attacker’s goal in a distributed environment.

نمط استشهاد جمعية علماء النفس الأمريكية (APA)

Shameli-Sendi, Alireza& Desfossez, Julien& Dagenais, Michel R.& Jabbarifar, Masoume. 2013. A Retroactive-Burst Framework for Automated Intrusion Response System. Journal of Computer Networks and Communications،Vol. 2013, no. 2013, pp.1-8.
https://search.emarefa.net/detail/BIM-448406

نمط استشهاد الجمعية الأمريكية للغات الحديثة (MLA)

Shameli-Sendi, Alireza…[et al.]. A Retroactive-Burst Framework for Automated Intrusion Response System. Journal of Computer Networks and Communications No. 2013 (2013), pp.1-8.
https://search.emarefa.net/detail/BIM-448406

نمط استشهاد الجمعية الطبية الأمريكية (AMA)

Shameli-Sendi, Alireza& Desfossez, Julien& Dagenais, Michel R.& Jabbarifar, Masoume. A Retroactive-Burst Framework for Automated Intrusion Response System. Journal of Computer Networks and Communications. 2013. Vol. 2013, no. 2013, pp.1-8.
https://search.emarefa.net/detail/BIM-448406

نوع البيانات

مقالات

لغة النص

الإنجليزية

الملاحظات

Includes bibliographical references

رقم السجل

BIM-448406