Risk-Aware Framework for Activating and Deactivating Policy-Based Response

Authors: Wael Kanoun, Nora Cuppens-Boulahia, Frederic Cuppens, Samuel Dubus

DOI: 10.1109/NSS.2010.80

Keywords: Computer science, Access control, Server, Security community, Risk analysis, Authorization, Context (language use), Work (electrical), Computer security, Holy Grail

Abstract: With the growth of modern systems and infrastructures, automated intelligent response become holy grail security community. An interesting approach proposes to use dynamic access control policies specify for such systems. These should been forced when an ongoing attack, that threatens monitored system, is detected. However, existing work do not present a clear methodology Response policies. In particular, deactivation issue yet tackled. this paper, we first how Second, risk-aware framework proposed activate deactivate Hence, success likelihood threat, cumulative impact both threat response, are all considered.
