A cost-sensitive method for distributed intrusion response

Author

Wu, Yaorui ; Liu, Shufen

Author_Institution

Coll. of Comput. Sci. & Technol., Jilin Univ., Changchun

fYear

2008

Firstpage

760

Lastpage

764

Abstract

A method for the evaluation of response cost is proposed. It is based on the principle that one should achieve the maximum security goal through a minimal response cost. On this basis a method for judging the causal relationship between an intrusion and a cooperative intrusion is further suggested. The intrusion response system designed according to the above response strategy can be applied to the distributed network environment. Through the cooperation of more than one management domain and a large scale study of relationships among various intrusion response costs a superior response strategy can be deduced.

Keywords

distributed processing; security of data; software cost estimation; cooperative intrusion; cost-sensitive method; distributed intrusion response; distributed network environment; maximum security goal; response cost; Computer networks; Computer science; Computerized monitoring; Costs; Detectors; Educational institutions; Event detection; Intrusion detection; Large-scale systems; Security; Intrusion response; attack correlation; cooperative attacks; cost calculation;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Supported Cooperative Work in Design, 2008. CSCWD 2008. 12th International Conference on

Conference_Location

Xi´an

Print_ISBN

978-1-4244-1650-9

Electronic_ISBN

978-1-4244-1651-6

Type

conf

DOI

10.1109/CSCWD.2008.4537074

Filename

4537074