Home // ICN 2015, The Fourteenth International Conference on Networks // View article

Improving Attack Mitigation with a Cost-sensitive and Adaptive Intrusion Response System

Authors:
Rodion Iafarov
Ruediger Gad
Martin Kappes

Keywords: Intrusion Response System; Risk Assessment; Impact Cost Assessment; Dynamic; Adaptive

Abstract:
Because of the rise of the number of attacks in computer networks, mitigation measures have to be applied in an efficient manner. The time frame for attack mitigation is shortened what makes using classical manual intervention approaches less efficient. Even though the idea of Intrusion Response Systems (IRS) is not new, IRS are still not widely used. Potential users are typically afraid of inadequate reactions, which could worsen the situation or could even be used as a part of attacks. In this paper, we present a cost-sensitive, retroactive, adaptive, and preemptive IRS that is intended to support network administrators in the attack mitigation and decision making processes. Our approach aims on balancing the costs of responses and attacks, adapts to changing situations, and optimizes the selection of responses and response deployment locations. Experimental results obtained with an evaluation prototype show that our approach works and is feasible from a performance perspective.

Pages: 134 to 139

Copyright: Copyright (c) IARIA, 2015

Publication date: April 19, 2015

Published in: conference

ISSN: 2308-4413

ISBN: 978-1-61208-398-8

Location: Barcelona, Spain

Dates: from April 19, 2015 to April 24, 2015