Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ACSAC
2002
IEEE
2002
IEEE
Evaluating the Impact of Automated Intrusion Response Mechanisms
Intrusion detection systems (IDSs) have reached a high level of sophistication and are able to detect intrusions with a variety of methods. Unfortunately, system administrators neither can keep up with the pace that an IDS is delivering alerts, nor can they react upon these within adequate time limits. Automatic response systems have to take over that task. In case of an identified intrusion, these components have to initiate appropriate actions to counter emerging threats. Most current intrusion response systems (IRSs) utilize static mappings to determine adequate response actions in reaction to detected intrusions. The problem with this approach is its inherent inflexibility. Countermeasures (such as changes of firewall rules) often do not only defend against the detected attack but may also have negative effects on legitimate users of the network and its services. To prevent a situation where a response action causes more damage that the actual attack, a mechanism is needed that...
Real-time TrafficRelated Content
| Added | 14 Jul 2010 |
| Updated | 14 Jul 2010 |
| Type | Conference |
| Year | 2002 |
| Where | ACSAC |
| Authors | Thomas Toth, Christopher Krügel |
Comments (0)
Researcher Info
|
