Computers and Security, Volume (62), No (1), Year (2016-6) , Pages (73-94)

Title : ( A foresight model for intrusion response management )

Authors: Mohammad GhasemiGol , Hassan Takabi , Abbas Ghaemi Bafghi ,

Citation: BibTeX | EndNote

Abstract

Intrusion response system (IRS) is one of the most important components in the network security solution that selects appropriate countermeasures to handle the intrusion alerts. Recently, many techniques have been proposed in designing an automated IRS. However, one of the big challenges in intrusion response system which is not considered in the literature is the lack of standardization for intrusion responses. So, this paper investigates how to model and manage the intrusion responses.We present a multilevel response model that provides a high-level view of intrusion responses. We also propose a foresight model toestimatetheresponsecostbyconsideringIDSalerts,networkdependencies,attackdamage, response impact,and probability of potential attacks.Furthermore,a data model is defined to represent and exchange the intrusion response messages with a standard format.

Keywords

, Intrusion response system Response management Global network dependency graph Uncertainty, aware attack graph Multi, level response graph Foresight cost estimating model Response data model
برای دانلود از شناسه و رمز عبور پرتال پویا استفاده کنید.

@article{paperid:1059953,
author = {GhasemiGol, Mohammad and Hassan Takabi and Ghaemi Bafghi, Abbas},
title = {A foresight model for intrusion response management},
journal = {Computers and Security},
year = {2016},
volume = {62},
number = {1},
month = {June},
issn = {0167-4048},
pages = {73--94},
numpages = {21},
keywords = {Intrusion response system Response management Global network dependency graph Uncertainty-aware attack graph Multi-level response graph Foresight cost estimating model Response data model},
}

[Download]

%0 Journal Article
%T A foresight model for intrusion response management
%A GhasemiGol, Mohammad
%A Hassan Takabi
%A Ghaemi Bafghi, Abbas
%J Computers and Security
%@ 0167-4048
%D 2016

[Download]