Expression and deployment of reaction policies

SITIS 2008 - Proceedings of the 4th International Conference on Signal Image Technology and Internet Based Systems

Volumn , Issue , 2008, Pages 118-127

  Frédéric, Cuppens ^a   Nora, Cuppens Boulahia ^a   Bouzida, Yacine ^a   Wael, Kanoun ^a,b   Croissant, Aurélien ^a  

^a ECOLE DES MINES DE NANTES   (France)

^b LUCENT TECHNOLOGIES   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

INFORMATION SYSTEMS; INTERNET; INTRUSION DETECTION; MANAGEMENT; SECURITY SYSTEMS;

CONTROL TECHNIQUES; COUNTER MEASURES; DETECTION MECHANISMS; INTRUSION ALERTS; LIMITED INFORMATIONS; SECURITY POLICIES; SYSTEM INFRASTRUCTURES;

ACCESS CONTROL;

EID: 60349116749     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SITIS.2008.96     Document Type: Conference Paper

References (22)

1. The 3rd Generation Partnership Project. Available at: http://www.3gpp.org/, 2007.
2. Y. Bouzida, F. Cuppens, and S. Gombault. Detecting and Reacting Against Distributed Denial of Service Attacks using Alert Correlation. In IEEE Intenational Conference on Communications, 2006.
3. Y. Bouzida and C. Mangin. Detecting anomalies in VoIP networks. In 3rd International Conference on Avilability, Reliability and Security ARES08, Barcelona, Spain, 2008.
4. F. Cuppens, F. Autrel, Y. Bouzida, J. Garcia, S. Gombault, and T. Sans. Anti-correlation as a criterion to select appropriate counter-measures in an intrusion detection framework. Annales des télécommunications, March 2006.
5. F. Cuppens, N. Cuppens, T. Sans, and A. Miége. A formal approach to specify and deploy a network security policy. In Formal Aspects in Security and Trust FAST, August 2004.
6. F. Cuppens, N. Cuppens-Boulahia, and M. B. Ghorbel. High Level Conflict Management Strategies in Advanced Access Control Models. Electronic Notes in Theoretical Computer Science, 186:3-26, 2007.
7. F. Cuppens, N. Cuppens-Boulahia, and T. Sans. Nomad: A Security Model with Non Atomic Actions and Deadlines. In 18th IEEE CSFW, pages 186-196, 2005.
8. F. Cuppens and A. Mièege. Modelling Contexts in the Or- BAC Model. ACSAC, page 416, 2003.
9. F. Cuppens and A. Mige. Alert Correlation in a Cooperative Intrusion Detection Framework. In IEEE Symposium on Security and Privacy, Oakland, USA, 2002.
10. F. Cuppens and R. Ortalo. LAMBDA: A Language to Model a Database for Detection of Attacks. In Third International Workshop on the Recent Advances in Intrusion Detection (RAID'2000), France, October 2000.
11. H. Debar, Y. Thomas, N. Boulahia-Cuppens, and F. Cuppens. Enabling automated threat response through the use of a dynamic security policy. Journal in Computer Virology, 3, 2007.
12. P. Gama and P. Ferreira. Obligation Policies: An Enforcement Platform. In 6th IEEE Policy, June 2005.
13. W. Kanoun, N. Cuppens-Boulahia, F. Cuppens, and F. Autrel. Advanced reaction using risk assessment in intrusion detection systems. In 2nd International Workshop on Critical Information Infrastructures Security, 2007.
14. W. Lee, W. Fan, M. Miller, S. J. Stolfo, and E. Zadok. Toward cost-sensitive modeling for intrusion detection and response. Journal of Computer Security, 10(1/2):5-22, 2002.
15. P. Ning, Y. Cui, and D. Reeves. Constructing Attack Scenarios Through Correlation of Intrusion Alerts. In proceedings of the 9th ACM conference on Computer and communication security, pages 245-254, Washington DC, USA, 2002.
16. M. Petkac and L. Badger. Security agility in response to intrusion detection. December 2000.
17. J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Sparks, M. Handley, and E. Schooler. SIP: Session Initiation Protocol, RFC 3261. Available at: http://www.ietf.org/rfc/rfc3261.txt, June 2002.
18. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. IEEE Computer, 29(2):38-47, February 2006.
19. H. Sengar, D. Wijesekera, H. Wang, and S. Jajodia. VoIP Intrusion Detection Through Interacting Protocol State Machines. In Proceedings of the 2006 International Conference on Dependable Systems and Networks, USA, 2006.
20. N. Stakhanova, S. Basu, and J. Wong. A taxonomy of intrusion response systems. International Journal of Information and Computer Security, 1(1/2), March 2007.
21. T. Toth and C. Kruegel. Evaluating the impact of automated intrusion response mechanisms. In 18th Annual Computer Security Applications Conference ACSAC02, 2002.
22. F. Vigna and R. A. Kemmerer. Netstat: A network based intrusion detection system. Journal of Computer Security, 7(1):37-71, 1999.