Paper Info
Title
A response selection model for intrusion response systems: Response Strategy Model RSM
Abstract
AbstractIntrusion response systems aim to provide a systematic procedure to respond to incidents. However, with different type of response options, an automatic response system is designed to select appropriate response options automatically in order to act fast to respond to only true and critical incidents as well as minimise their impact. In addition, incidents also can be prioritised into different level of priority where some incidents may cause a serious impact i.e. high priority and other may not i.e. low priority. The existing strategies inherit some limitation such as using complex approaches and less efficient in mapping appropriate response based upon incidents' priority. Therefore, this study introduces a model called response strategy model to address the aforementioned limitation. In order to validate, it was evaluated using two datasets: DARPA 2000 and private dataset. The case study results have shown a significant relationship between the incident classification and incident priorities where false incidents are likely to be categorised as low priority and true incidents are likely to be categorised as the high priority. In particular, with response strategy model, an average of 92.68% of the false incidents was prioritised as the lowest priority is better compared with only 67.07% with Snort priority. Copyright © 2013 John Wiley & Sons, Ltd.
Year
DOI
Venue
2014
10.1002/sec.896
Periodicals
Keywords
Field
DocType
intrusion response systems,risk response planning,response strategy model
Computer security,Computer science,Operations research,Some limitation,Intrusion response systems
Journal
Volume
Issue
ISSN
7
11
1939-0114
Citations 
PageRank 
References 
1
0.35
19
Authors
4
Name
Order
Citations
PageRank
Nor Badrul Anuar163536.94
Maria Papadaki2667.44
Steven M. Furnell31002104.31
Nathan L. Clarke442141.93