Title :
Intelligent response system to mitigate the success likelihood of ongoing attacks
Author :
Kanoun, Wael ; Cuppens-Boulahia, Nora ; Cuppens, Frederic ; Dubus, Samuel ; Martin, Antony
Author_Institution :
Bell Labs., Alcatel-Lucent, Holmdel, NJ, USA
Abstract :
Intrusion response models and systems have been recently an active field in the security research. These systems rely on a fine diagnosis to perform and optimize their response. In particular, previous papers focus on balancing the cost of the response with the impact of the attack. In this paper, we present a novel attack response system, based on the assessment of the likelihood of success of attack objectives. First, the ongoing potential attacks are identified, and their success likelihood are calculated dynamically. The success likelihood depends mainly on the progress of the attack and the state of the monitored system. Second, candidate countermeasures are identified, and their effectiveness in reducing the pre-calculated success likelihood are assessed. Finally, the candidate countermeasures are prioritized.
Keywords :
maximum likelihood estimation; security of data; attack response system; intelligent response system; intrusion response model; likelihood assessment; ongoing potential attack; security diagnosis; Correlation; Cryptography; Object recognition; attack objectives; dynamic Markov models; response; success likelihood mitigation;
Conference_Titel :
Information Assurance and Security (IAS), 2010 Sixth International Conference on
Conference_Location :
Atlanta, GA
Print_ISBN :
978-1-4244-7407-3
DOI :
10.1109/ISIAS.2010.5604054
