Intelligent response system to mitigate the success likelihood of ongoing attacks
Résumé
Intrusion response models and systems have been recently an active field in the security research. These systems rely on a fine diagnosis to perform and optimize their response. In particular, previous papers focus on balancing the cost of the response with the impact of the attack. In this paper, we present a novel attack response system, based on the assessment of the likelihood of success of attack objectives. First, the ongoing potential attacks are identified, and their success likelihood are calculated dynamically. The success likelihood depends mainly on the progress of the attack and the state of the monitored system. Second, candidate countermeasures are identified, and their effectiveness in reducing the pre-calculated success likelihood are assessed. Finally, the candidate countermeasures are prioritized.
Origine : Fichiers éditeurs autorisés sur une archive ouverte
Loading...