2015 5th International Conference on Computer and Knowledge Engineering, 2015-10-29

Title: Risk-based Intrusion Response Management in IDS using Bayesian Decision Networks

Authors: Masoud Khosravi Farmad, Ali Ahmadian Ramaki, Abbas Ghaemi Bafghi

Citation: BibTeX | EndNote

Abstract

Nowadays, from an information security perspective, detection methods alone are not enough. Intrusion Detection and Response Systems (IDRS), as a proactive solution, continuously monitor system health based on Intrusion Detection System (IDS) alerts, so that malicious activities can be handled effectively by applying appropriate countermeasures to prevent problems from worsening and return the system to a healthy state. In this paper, a novel IDRS is proposed which processes the generated alerts in real time, correlates the alerts, calculates the risk of correlated alerts and models the attack scenarios and their countermeasures using the concept of Bayesian decision networks (BDNs). The proposed framework has two modes: online and offline. In the offline mode, a BDN model is constructed. Then, in the online mode, using the generated BDN, the next probable intentions of attackers are predicted and the optimal sets of countermeasures are identified to prevent the attackers reaching their goals. The experimental results show that the proposed method effectively improves the security level of computer systems in terms of forecasting the multi-step attacks before they can compromise the network and determining the optimal security risk mitigation plans to prevent damages to the organizations' assets.

Keywords

Intrusion Detection and Response System, Intrusion Prediction, Bayesian Decision Network, Security Risk Mitigation

To download, use your Pooya portal ID and password.

@inproceedings{paperid:1057663,
author = {Khosravi Farmad, Masoud and Ahmadian Ramaki, Ali and Ghaemi Bafghi, Abbas},
title = {Risk-based Intrusion Response Management in IDS using Bayesian Decision Networks},
booktitle = {2015 5th International Conference on Computer and Knowledge Engineering},
year = {2015},
location = {IRAN},
keywords = {Intrusion Detection and Response System; Intrusion Prediction; Bayesian Decision Network; Security Risk Mitigation},
}


%0 Conference Proceedings
%T Risk-based Intrusion Response Management in IDS using Bayesian Decision Networks
%A Khosravi Farmad, Masoud
%A Ahmadian Ramaki, Ali
%A Ghaemi Bafghi, Abbas
%J 2015 5th International Conference on Computer and Knowledge Engineering
%D 2015
