A cost-sensitive model for preemptive intrusion response systems

Proceedings - International Conference on Advanced Information Networking and Applications, AINA

Volumn , Issue , 2007, Pages 428-435

  Stakhanova, Natalia ^a   Basu, Samik ^a   Wong, Johnny ^a  

^a Iowa State University   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COST BENEFIT ANALYSIS; DAMAGE DETECTION; FAILURE ANALYSIS; MATHEMATICAL MODELS;

COST-SENSITIVE MODELS; DAMAGE REDUCTION;

INTRUSION DETECTION;

EID: 34548775838     PISSN: 1550445X     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/AINA.2007.9     Document Type: Conference Paper

References (22)

1. I. Balepin, S. Maltsev, J. Rowe, and K. Levitt. Using specification-based intrusion detection for automated response. In Proceedings of the 6th International Symposium on Recent Advances in Intrusion Detection, 2003.
2. T. Bowen, D. Chee, M. Segal, R. Sekar, T. Shanbhag, and P. Uppuluri. Building survivable systems: An integrated approach based on intrusion detection and damage containment. In Proceedings of the IEEE DARPA Information Survivability Conference and Exposition, 2000.
3. C. Carver, J. M. Hill, and J. R. Surdu. A methodology for using intelligent agents to provide automated intrusion response. In Proceedings of the IEEE Systems, Man, and Cybernetics Information Assurance and Security Workshop, pages 110-116, 2000.
4. R. G. Coyle. Decision Analysis. The Camelot Press Ltd., London, GB, 1972.
5. B. Foo, Y.-S. Wu, Y.-C. Mao, S. Bagchi, and E. H. Spafford. ADEPTS: Adaptive intrusion response using attack graphs in an e-commerce environment. In Proceedings of the International Conference on Dependable Systems and Networks, pages 508-517, 2005.
6. J. B. Grizzard, S. Krasser, H. L. Owen, E. R. Dodson, and G. J. Conti. Towards an approach for automatically repairing compromised network systems. In Proceedings of the 3rd IEEE International Symposium on Network Computing and Applications, pages 389-392, August 2004.
7. S. Kumar and E. H. Spafford. A pattern matching model for misuse intrusion detection, pages 11-21, 1994.
8. W. Lee, W. Fan, M. Millerand, S. Stolfo, and E. Zadok. Toward cost-sensitive modeling for intrusion detection and response. In Journal of Computer Security, volume 10, pages 5-22, 2000.
9. M. E. Locasto, K. Wang, A. D. Keromytis, and S. J. Stolfo. FLIPS: Hybrid adaptive intrustion prevention. In Proceedings of the 8th International Symposium on Recent Advances in Intrusion Detection, pages 82-101, 2005.
10. MIT. Intrusion detection attacks database. Available from "http://www.ll.mit.edu/IST/ideval/docs/1999/attackDB.html".
11. T. R. Peltier. Information Security Risk Analysis. Auerbach Publications, 2001.
12. P. Porras and P. Neumann. EMERALD: event monitoring enabling responses to anomalous live disturbances. In Proceedings of the National Information Systems Security Conference, 1997.
13. F. Qin, J. Tucek, J. Sundaresan, and Y Zhou. Rx: treating bugs as allergies - a safe method to survive software failures. In Proceedings of the 20th ACM symposium on Operating systems principles, pages 235-248, 2005.
14. D. Schnackenberg, K. Djahandari, and D. Sterne. Infrastructure for intrusion detection and response. In Proceedings of the IEEE DARPA Information Survivability Conference and Exposition, 2000.
15. R. Sekar and P. Uppuluri. Synthesizing fast intrusion prevention/detection systems from high-level specifications. In Proceedings 8th Usenix Security Symposium, 1999.
16. S. Sidiroglou, M. E. Locasto, S. W. Boyd, and A. D. Keromytis. Building a reactive immune system for software services. In Proceedings of the USENIX Annual Technical Conference, 2005.
17. A. Somayaji and S. Forrest. Automated response using system-call delay. In Proceedings of the 9th USENIX Security Symposium, 2000.
18. N. Stakhanova, S. Basu, R. Lutz, and J. Wong. Automated caching of behavioral patterns for efficient run-time monitoring. In Proceedings of the 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing, 2006.
19. N. Stakhanova, S. Basu, and J. Wong. A taxonomy of intrusion response systems. International Journal of Information and Computer Security, 1(1/2): 169-184, 2007.
20. T. Toth and C. Kruegel. Evaluating the impact of automated intrusion response mechanisms. In Proceedings of the 18th Annual Computer Security Applications Conference, 2002.
21. P. Uppuluri and R. Sekar. Experiences with specificationbased intrusion detection. In Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection, 2000.
22. G. White, E. Fisch, and U. Pooch. Cooperating security managers: A peer-based intrusion detection system. In IEEE Network, volume 10, pages 20-23, 1996.