Measuring IDS-estimated attack impacts for rational incident response: A decision theoretic approach
نویسندگان
چکیده
Intrusion detection system (IDS) plays a vital role in defending our cyberspace against attacks. Either misuse-based IDS or anomaly-based IDS, or their combinations, however, can only partially reflect the true system state due to excessive false alerts, low detection rate, and inaccurate incident diagnosis. An automated response component built upon IDS therefore must consider the stale and imperfect picture inferred from them and takes
منابع مشابه
Configuration of Intrusion Detection Systems: A Comparison of Decision and Game Theoretic Approaches
Intrusion detection systems (IDSs) have become a core component of a firm’s IT security architecture. While IDSs enable real time detection of intrusions, a common criticism has been the frequency of false alarms, which undermines their effectiveness. A fundamental problem with IDSs for intrusion detection is achieving the optimal balance between detection rate and false positive and false nega...
متن کاملReal-Time intrusion detection alert correlation and attack scenario extraction based on the prerequisite consequence approach
Alert correlation systems attempt to discover the relations among alerts produced by one or more intrusion detection systems to determine the attack scenarios and their main motivations. In this paper a new IDS alert correlation method is proposed that can be used to detect attack scenarios in real-time. The proposed method is based on a causal approach due to the strength of causal methods in ...
متن کاملA Game Theoretic Approach to Decision and Analysis in Network Intrusion Detection
We investigate the basic trade-offs, analysis and decision processes involved in information security and intrusion detection, as well as possible application of game theoretic concepts to develop a formal decision and control framework. A generic model of a distributed intrusion detection system (IDS) with a network of sensors is considered, and two schemes based on game theoretic techniques a...
متن کاملWelfare Impacts of Imposing a Tariff on Rice in Iran vs an Export Tax in Thailand: A Game Theoretic Approach
In this study, the social welfare impacts of the interaction of Iranian rice import policies and Thai export policies are analyzed using a game theoretic approach in conjunction with econometric supply and demand models. The joint impacts of increasing the world price of rice, resulting from the export policies in Thailand along with changes in tariff rates in Iran, on social welfare are analyz...
متن کاملAssessment Methodology for Anomaly-Based Intrusion Detection in Cloud Computing
Cloud computing has become an attractive target for attackers as the mainstream technologies in the cloud, such as the virtualization and multitenancy, permit multiple users to utilize the same physical resource, thereby posing the so-called problem of internal facing security. Moreover, the traditional network-based intrusion detection systems (IDSs) are ineffective to be deployed in the cloud...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Computers & Security
دوره 28 شماره
صفحات -
تاریخ انتشار 2009