A Response Strategy Model for Intrusion Response Systems

Abstract : There are several types of security systems, which focus on detecting, mitigating and responding to incidents. Current response systems are largely based on manual incident response selection strategies, which can introduce delays between detection and response time. However, it would be beneficial if critical and urgent incidents are addressed as soon as possible before they jeopardised critical systems. As a result, the Risk Index Model (RIM) has been proposed earlier in our previous study, as a method of prioritising incidents based upon two decision factors namely impact on assets and likelihood of threat and vulnerability. This paper extends RIM by using it as the basis for mapping incidents with various response options. The proposed mapping model, Response Strategy Model (RSM) is based on risk response planning and time management concepts and it is evaluated using the DARPA 2000 dataset. The case study analysis upon the dataset has shown a significant result in mapping incident into different quadrants. In particular, the results have shown a significant relationship between the incident classification with incident priorities where false incidents are likely to be categorised as low priority incidents and true incidents are likely to be categorised as the high priority incident.
Type de document :
Communication dans un congrès
Dimitris Gritzalis; Steven Furnell; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.573-578, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_51〉
Liste complète des métadonnées

Littérature citée [11 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01518222
Contributeur : Hal Ifip <>
Soumis le : jeudi 4 mai 2017 - 13:45:20
Dernière modification le : jeudi 4 mai 2017 - 14:53:55
Document(s) archivé(s) le : samedi 5 août 2017 - 13:22:29

Fichier

978-3-642-30436-1_51_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Nor Anuar, Maria Papadaki, Steven Furnell, Nathan Clarke. A Response Strategy Model for Intrusion Response Systems. Dimitris Gritzalis; Steven Furnell; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.573-578, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_51〉. 〈hal-01518222〉

Partager

Métriques

Consultations de la notice

66

Téléchargements de fichiers

24