Title :
XIDR: A Dynamic Framework Utilizing Cross-Layer Intrusion Detection for Effective Response Deployment
Author :
Svecs, Igors ; Sarkar, Tanmoy ; Basu, Samik ; Wong, Johnny S.
Author_Institution :
Dept. of Comput. Sci., Iowa State Univ., Ames, IA, USA
Abstract :
We present a complete intrusion detection and response framework named XIDR (Cross-layer Intrusion Detection and Response), which utilizes multi-source intrusion detection systems to enable cross-layer intrusion detection and a cross-layer automated intrusion response system to deploy cost-effective and efficient preemptive responses. In this paper, we define the notion of cross-layer design, which integrates features from various layers for detecting intrusions in a wired environment, enables a more fine-grained detection technique, and also helps us reduce the false positive and false negative rates. Moreover, a cross-layer based approach for selecting and deploying responses will help to deploy responses at various layers in the network. This approach will mitigate the impact of sophisticated attacks in the most efficient manner. The response selection will be preemptive as well as adaptive to the ongoing intrusion.
Keywords :
security of data; XIDR; cross-layer automated intrusion response system; cross-layer design; cross-layer intrusion detection; multisource intrusion detection systems; response deployment; Cross-layer Approach; Intrusion Detection; Intrusion Response;
Conference_Title :
Computer Software and Applications Conference Workshops (COMPSACW), 2010 IEEE 34th Annual
Conference_Location :
Seoul
Print_ISBN :
978-1-4244-8089-0
Electronic_ISBN :
978-0-7695-4105-1
DOI :
10.1109/COMPSACW.2010.57