Advanced Reaction Using Risk Assessment in Intrusion Detection Systems

Authors: Wael Kanoun, Nora Cuppens-Boulahia, Frédéric Cuppens, Fabien Autrel

DOI: 10.1007/978-3-540-89173-4_6

Keywords:

Abstract: Current intrusion detection systems go beyond the of attacks and provide reaction mechanisms to cope with detected or at least reduce their effect. Previous research works have proposed methods to automatically select possible countermeasures capable of ending attack. But actually, side effects can be as harmful In this paper, we propose to improve selection process by giving means to quantify effectiveness countermeasure that has minimum negative effect on information system. To achieve this goal, we adopt a risk assessment analysis approach.

References (15)
Salem Benferhat, Fabien Autrel, Frédéric Cuppens, Alexandre Miège. Recognizing Malicious Intention in an Intrusion Detection Process. HIS, pp. 806-817 (2002).
Salem Benferhat, Fabien Autrel, Frédéric Cuppens. Enhanced Correlation in an Intrusion Detection Process. Mathematical Methods, Models, and Architectures for Network Security Systems, pp. 157-170 (2003). DOI: 10.1007/978-3-540-45215-7_13
Hervé Debar, Yohann Thomas, Nora Boulahia-Cuppens, Frédéric Cuppens. Using Contextual Security Policies for Threat Response. Detection of Intrusions and Malware & Vulnerability Assessment, pp. 109-128 (2006). DOI: 10.1007/11790754_7
F. Cuppens. Managing alerts in a multi-intrusion detection environment. Annual Computer Security Applications Conference, pp. 22-31 (2001). DOI: 10.1109/ACSAC.2001.991518
Benjamin Morin, Hervé Debar. Correlation of Intrusion Symptoms: An Application of Chronicles. Recent Advances in Intrusion Detection, pp. 94-112 (2003). DOI: 10.1007/978-3-540-45248-5_6
Frédéric Cuppens, Rodolphe Ortalo. LAMBDA: A Language to Model a Database for Detection of Attacks. Recent Advances in Intrusion Detection, pp. 197-216 (2000). DOI: 10.1007/3-540-39945-3_13
Ming-Yuh Huang, Robert J. Jasper, Thomas M. Wicks. A large scale distributed intrusion detection framework based on attack strategy analysis. Computer Networks, vol. 31, pp. 2465-2475 (1999). DOI: 10.1016/S1389-1286(99)00114-0
Frédéric Cuppens, Fabien Autrel, Yacine Bouzida, Joaquin Garcia, Sylvain Gombault, Thierry Sans. Anti-correlation as a criterion to select appropriate counter-measures in an intrusion detection framework. Annales Des Télécommunications, vol. 61, pp. 197-217 (2006). DOI: 10.1007/BF03219974
Peng Ning, Yun Cui, Douglas S. Reeves. Constructing attack scenarios through correlation of intrusion alerts. Proceedings of the 9th ACM conference on Computer and communications security - CCS '02, pp. 245-254 (2002). DOI: 10.1145/586110.586144