On the Fly Design and Co-simulation of Responses Against Simultaneous Attacks

Authors: Léa Samarji, Nora Cuppens-Boulahia, Frédéric Cuppens, Serge Papillon, Waël Kanoun

DOI: 10.1007/978-3-319-24177-7_32

Abstract: The growth of critical information systems in size and complexity has driven the research community to propose automated response systems. These must cope with steady progress attacks’ sophistication, coordination effectiveness. Unfortunately, existing still handle attacks independently, suffering thereby from (i) efficiency issues against coordinated (e.g. DDoS), (ii) conflicts between parallel responses, (iii) unexpected side effects responses on system. We, thus, this paper a new model simultaneous threats. Our is dynamically designed based definition capability-aware logic anticorrelation, modeled using Situation Calculus (SC) language. Even though can prevent or reduce an attack scenario, it may also have system unintentionally ease one attackers its scenario. We address issue by proposing co-simulator SC planning capabilities. This considers each candidate apart reasons, current system’s attackers’ state, assess achieved risk mitigation protected Experimentations were led highlight benefits our solution.
