2006
DOI: 10.1007/bf03219974

Anti-correlation as a criterion to select appropriate counter-measures in an intrusion detection framework

Abstract: Since current computer infrastructures are increasingly vulnerable to malicious activities, intrusion detection is necessary but unfortunately not sufficient. We need to design effective response techniques to circumvent intrusions when they are detected. Our approach is based on a library that implements different types of counter-measures. The idea is to design a decision support tool to help the administrator to choose, in this library, the appropriate counter-measure when a given intrusion occurs. For this…

Cited by 27 publications (17 citation statements)
References 7 publications
“…Let us start by having a look to the main components of our attack prevention system [1,3]. A description of each component is presented in the following.…”
Section: Proposed Architecture | mentioning
confidence: 99%
“…All possible classifications and their respective attributes must be known by all the components of the system (i.e., analyzers and managers) and all analyzers must be capable of deriving instances of local events of arbitrary types. This way, the correlation process presented in [1,3] can be realized.…”
Section: Proposed Architecture | mentioning
confidence: 99%