A service dependency model for cost-sensitive intrusion response
作者: Nizar Kheir , Nora Cuppens-Boulahia , Frédéric Cuppens , Hervé Debar
DOI: 10.1007/978-3-642-15497-3_38
关键词:
摘要: Recent advances in intrusion detection and prevention have brought promising solutions to enhance IT security. Despite these efforts, the battle with cyber attackers has reached a deadlock. While always try unveil new vulnerabilities, security experts are bounded keep their softwares compliant latest updates. Intrusion response systems thus relegated second rank because no one trusts them modify system configuration during runtime. Current cost evaluation techniques do not cover all impact aspects, favoring availability over confidentiality integrity. They profit from findings which led powerful models including vulnerability graphs, exploit etc. This paper bridges gap between service dependency that used for evaluation. It proposes representation enables The outcome is model complete methodology use this order evaluate costs. latter covers collateral damages positive effects as they reduce
archives-ouvertes.fr
springer.com
sci-hub.se 参考文章(27)
Sokolov Georgij A, Shpita Aleksandr, Abramov Yurij, LOCAL COMPUTER NETWORK ,(1989)
Marc Dacier, Yves Deswarte Mohamed Kaâniche, Quantitative Assessment of Operational Security: Models and Tools * ,(1996)
M. Dacier, Y. Deswarte, M. Kaâniche, Models and tools for quantitative assessment of operational security information security. pp. 177- 186 ,(1996) , 10.1007/978-1-5041-2919-0_15
Nizar Kheir, Hervé Debar, Frédéric Cuppens, Nora Cuppens-Boulahia, Jouni Viinikka, A Service Dependency Modeling Framework for Policy-Based Response Enforcement Detection of Intrusions and Malware, and Vulnerability Assessment. pp. 176- 195 ,(2009) , 10.1007/978-3-642-02918-9_11
Ivan Balepin, Sergei Maltsev, Jeff Rowe, Karl Levitt, Using specification-based intrusion detection for Automated response recent advances in intrusion detection. pp. 136- 154 ,(2003) , 10.1007/978-3-540-45248-5_8
Wenke Lee, Wei Fan, Matthew Miller, Salvatore J. Stolfo, Erez Zadok, Toward cost-sensitive modeling for intrusion detection and response Journal of Computer Security. ,vol. 10, pp. 5- 22 ,(2002) , 10.3233/JCS-2002-101-202
Kendra Kratkiewicz, Kyle W. Ingols, Richard Lippmann, Chris Scott, Michael Artz, A network security planning architecture ,(2004)
Lars M. Kristensen, Soren Christensen, Kurt Jensen, The practitioner's guide to coloured Petri nets International Journal on Software Tools for Technology Transfer. ,vol. 2, pp. 98- 132 ,(1998) , 10.1007/S100090050021
Chris Strasburg, Natalia Stakhanova, Samik Basu, Johnny S. Wong, Intrusion response cost assessment methodology Proceedings of the 4th International Symposium on Information, Computer, and Communications Security - ASIACCS '09. pp. 388- 391 ,(2009) , 10.1145/1533057.1533112
N.R. Mead, G. McGraw, A portal for software security ieee symposium on security and privacy. ,vol. 3, pp. 75- 79 ,(2005) , 10.1109/MSP.2005.88