Success Likelihood of Ongoing Attacks for Intrusion Detection and Response Systems

Authors: Wael Kanoun, Nora Cuppens-Boulahia, Frédéric Cuppens, Samuel Dubus, Antony Martin

DOI: 10.1109/CSE.2009.233

Keywords: Intrusion prevention system; Risk analysis (business); Enterprise information security architecture; Computer security; Markov process; Computer science; Intrusion detection system; Countermeasure; Intrusion; Server

Abstract: Intrusion Detection and Response Systems have become a core component in modern security architectures. Current researches are combining intrusion detection response systems with risk analysis or cost-sensitive approaches to enhance the procedure, by assessing of detected attacks candidate countermeasures. The Risk has two primary dimensions: (i) likelihood success attack(s), (ii) impact attack(s) countermeasure(s). In this paper, we present model assess attack objectives. This can be used identify ongoing scenarios, calculate dynamically for each them considering progress state target system, finally prioritize objectives associated

References (19)
Salem Benferhat, Fabien Autrel, Frédéric Cuppens, Alexandre Miège, Recognizing Malicious Intention in an Intrusion Detection Process. HIS. pp. 806-817, (2002)
Marc Dacier, Yves Deswarte, Mohamed Kaâniche, Quantitative Assessment of Operational Security: Models and Tools. (1996)
Peng Ning, Christopher G. Healey, Robert St. Amant, Dingbang Xu, Building Attack Scenarios through Integration of Complementary Alert Correlation Method. Network and Distributed System Security Symposium. (2004)
Wael Kanoun, Nora Cuppens-Boulahia, Frédéric Cuppens, Fabien Autrel, Advanced Reaction Using Risk Assessment in Intrusion Detection Systems. Critical Information Infrastructures Security. pp. 58-70, (2008), 10.1007/978-3-540-89173-4_6
Benjamin Morin, Hervé Debar, Correlation of Intrusion Symptoms: An Application of Chronicles. Recent Advances in Intrusion Detection. pp. 94-112, (2003), 10.1007/978-3-540-45248-5_6
Frédéric Cuppens, Rodolphe Ortalo, LAMBDA: A Language to Model a Database for Detection of Attacks. Recent Advances in Intrusion Detection. pp. 197-216, (2000), 10.1007/3-540-39945-3_13
Jaeyeon Jung, V. Paxson, A.W. Berger, H. Balakrishnan, Fast portscan detection using sequential hypothesis testing. IEEE Symposium on Security and Privacy. pp. 211-225, (2004), 10.1109/SECPRI.2004.1301325
Wenke Lee, Wei Fan, Matthew Miller, Salvatore J. Stolfo, Erez Zadok, Toward cost-sensitive modeling for intrusion detection and response. Journal of Computer Security. vol. 10, pp. 5-22, (2002), 10.3233/JCS-2002-101-202
Ming-Yuh Huang, Robert J. Jasper, Thomas M. Wicks, A large scale distributed intrusion detection framework based on attack strategy analysis. Computer Networks. vol. 31, pp. 2465-2475, (1999), 10.1016/S1389-1286(99)00114-0