Get 20M+ Full-Text Papers For Less Than $1.50/day. Start a 14-Day Trial for You or Your Team.

Learn More →

Research on automated rollbackability of intrusion response

Research on automated rollbackability of intrusion response The rollbackable automated intrusion response mechanism, a method whereby an intrusion response can be treated by in the context of the detection/response life-cycle. The idea derives from the observation that most intrusion responses have negative effects. To decrease the cumulative response cost, response rollback could be carried out at some suitable time, for example when the attack has terminated or the attack 'detection' is proved to be a false positive. Additionally, technologies supporting automated response are proposed, such as the structure of a response policy and the way the automated response might be implemented. A proposed implementation structure of rollbackable automated intrusion response system (RAIRS) is also given. With the quantified response cost, the result of our experiments shows that response rollback is promising as a way to decrease the expected cumulative intrusion response cost. http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png Journal of Computer Security IOS Press

Research on automated rollbackability of intrusion response

Journal of Computer Security , Volume 12 (5) – Jan 1, 2004

Loading next page...
 
/lp/ios-press/research-on-automated-rollbackability-of-intrusion-response-ZIfMxhvP75

References

References for this paper are not available at this time. We will be adding them shortly, thank you for your patience.

Publisher
IOS Press
Copyright
Copyright © 2004 by IOS Press, Inc
ISSN
0926-227X
eISSN
1875-8924
Publisher site
See Article on Publisher Site

Abstract

The rollbackable automated intrusion response mechanism, a method whereby an intrusion response can be treated by in the context of the detection/response life-cycle. The idea derives from the observation that most intrusion responses have negative effects. To decrease the cumulative response cost, response rollback could be carried out at some suitable time, for example when the attack has terminated or the attack 'detection' is proved to be a false positive. Additionally, technologies supporting automated response are proposed, such as the structure of a response policy and the way the automated response might be implemented. A proposed implementation structure of rollbackable automated intrusion response system (RAIRS) is also given. With the quantified response cost, the result of our experiments shows that response rollback is promising as a way to decrease the expected cumulative intrusion response cost.

Journal

Journal of Computer SecurityIOS Press

Published: Jan 1, 2004

There are no references for this article.