Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ICAC
2009
IEEE
2009
IEEE
Threat-model-driven runtime adaptation and evaluation of intrusion detection system
We present a mechanism for autonomous self-adaptation of a network-based intrusion detection system (IDS). The system is composed of a set of cooperating agents, each of which is based on an existing network behavior analysis method. The self adaptation mechanism is based on the insertion of a small number of challenges, i.e. known instances of past legitimate or malicious behavior. The response of individual system components to these challenges is used to measure and eventually optimize the system performance in terms of accuracy. In this work we show how to choose the challenges in a way such that the IDS attaches more importance to the detection of attacks that cause much damage. Categories and Subject Descriptors: C.2.0 [ComputerCommunication Networks]: Security and Protection. General Terms: Security, Management, Measurement.
Real-time TrafficAutonomic Computing | Behavior Analysis Method | ICAC 2009 | Network-based Intrusion Detection | Self Adaptation Mechanism |
Related Content
| Added | 21 May 2010 |
| Updated | 21 May 2010 |
| Type | Conference |
| Year | 2009 |
| Where | ICAC |
| Authors | Martin Rehák, Eugen Staab, Volker Fusenig, Jan Stiborek, Martin Grill, Karel Bartos, Michal Pechoucek, Thomas Engel |
Comments (0)
Researcher Info
|
