A Network-Based Response Framework and Implementation

Authors: Marcus Tylutki, Karl Levitt

DOI: 10.1007/978-3-642-00972-3_6

Keywords:

Abstract: As the number of network-based attacks increases, and system administrators become overwhelmed with Intrusion Detection System (IDS) alerts, systems that respond to these attacks are rapidly becoming a key area of research. Current response solutions are either localized to individual hosts, or focus on a refined set of possible resources, which emulate many features of low-level IDS sensors. In this paper, we describe a modular framework that can incorporate existing sensors. This framework combines components by uniting models that represent: events that affect the state of the system, the detection capabilities of sensors, agents, and conditions that represent policy. Linking these models provides a foundation for generating responses that best satisfy the policy, given what is perceived by the sensors and agents.
