Title :
Success Likelihood of Ongoing Attacks for Intrusion Detection and Response Systems
Author :
Kanoun, Wael ; Cuppens-Boulahia, Nora ; Cuppens, Fr?©d?©ric ; Dubus, Samuel ; Martin, Antony
Author_Institution :
Bell Fabs, Alcatel-Fucent, Nozay, France
Abstract :
Intrusion Detection and Response Systems have become a core component in modern security architectures. Current researches are combining intrusion detection and response systems with risk analysis or cost-sensitive approaches to enhance the detection and the response procedure, by assessing the risk of detected attacks and candidate countermeasures. The Risk has two primary dimensions: (i) the likelihood of success of the attack(s), and (ii) the impact of the attack(s) and the countermeasure(s).In this paper, we present a model to assess the success likelihood of attack objectives. This model can be used by intrusion detection and response systems to identify candidate ongoing scenarios, calculate dynamically the likelihood of success for each of them considering the progress of the attack and the state of the target system, and finally prioritize candidate intrusion objectives and associated countermeasures.
Keywords :
risk analysis; security of data; cost-sensitive approach; intrusion detection-response system; ongoing attack success likelihood; risk analysis; security architecture; Costs; Counting circuits; Cryptography; Information security; Intelligent networks; Intelligent systems; Intrusion detection; Risk analysis; Telecommunication computing; Telecommunication traffic; Success likelihood; dynamic Markov model; intrusion detection and response systems; intrusion objective;
Conference_Titel :
Computational Science and Engineering, 2009. CSE '09. International Conference on
Print_ISBN :
978-1-4244-5334-4
Electronic_ISBN :
978-0-7695-3823-5
DOI :
10.1109/CSE.2009.233
