Title :
A cost-sensitive method for distributed intrusion response
Author :
Wu, Yaorui ; Liu, Shufen
Author_Institution :
Coll. of Comput. Sci. & Technol., Jilin Univ., Changchun
Abstract :
A method for the evaluation of response cost is proposed. It is based on the principle that one should achieve the maximum security goal through a minimal response cost. On this basis a method for judging the causal relationship between an intrusion and a cooperative intrusion is further suggested. The intrusion response system designed according to the above response strategy can be applied to the distributed network environment. Through the cooperation of more than one management domain and a large scale study of relationships among various intrusion response costs a superior response strategy can be deduced.
Keywords :
distributed processing; security of data; software cost estimation; cooperative intrusion; cost-sensitive method; distributed intrusion response; distributed network environment; maximum security goal; response cost; Computer networks; Computer science; Computerized monitoring; Costs; Detectors; Educational institutions; Event detection; Intrusion detection; Large-scale systems; Security; Intrusion response; attack correlation; cooperative attacks; cost calculation;
Conference_Titel :
Computer Supported Cooperative Work in Design, 2008. CSCWD 2008. 12th International Conference on
Conference_Location :
Xi´an
Print_ISBN :
978-1-4244-1650-9
Electronic_ISBN :
978-1-4244-1651-6
DOI :
10.1109/CSCWD.2008.4537074
