Intrusion response cost assessment methodology

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback
Take a look at the new version of this page: [ beta version ]. Tell us what you think.

Intrusion response cost assessment methodology

Full text

Pdf (683 KB)

Source

ASIAN ACM Symposium on Information, Computer and Communications Security archive
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security table of contents

Sydney, Australia

SESSION: Short papers-II table of contents

Pages: 388-391

Year of Publication: 2009

ISBN:978-1-60558-394-5

Authors

Chris Strasburg	Iowa State University
Natalia Stakhanova	University of New Brunswick
Samik Basu	Iowa State University
Johnny S. Wong	Iowa State University

Sponsor

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 13, Downloads (12 Months): 94, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1533057.1533112 What is a DOI?

ABSTRACT

In this paper we present a structured methodology for evaluating cost of responses based on three factors: the response operational cost associated with the daily maintenance of the response, the response goodness that measures the applicability of the selected response for a detected intrusion and the response impact on the system that refers to the possible response effect on the system functionality. The proposed approach provides a consistent basis for response evaluation across different systems while incorporating security policy and properties of the specific system environment.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	I. Balepin, S. Maltsev, J. Rowe, and K. Levitt. Using specification-based intrusion detection for automated response. In Proceedings of RAID, 2003.
	2	Bingrui Foo , Yu-Chun Mao , Eugene Spafford, ADEPTS: Adaptive Intrusion Response Using Attack Graphs in an E-Commerce Environment, Proceedings of the 2005 International Conference on Dependable Systems and Networks, p.508-517, June 28-July 01, 2005 [doi>10.1109/DSN.2005.17]
	3	Wenke Lee , Wei Fan , Matthew Miller , Salvatore J. Stolfo , Erez Zadok, Toward cost-sensitive modeling for intrusion detection and response, Journal of Computer Security, v.10 n.1-2, p.5-22, 2002
	4	Natalia Stakhanova , Samik Basu , Johnny Wong, A Cost-Sensitive Model for Preemptive Intrusion Response Systems, Proceedings of the 21st International Conference on Advanced Networking and Applications, p.428-435, May 21-23, 2007 [doi>10.1109/AINA.2007.9]
	5	C. Strasburg, N. Stakhanova, S. Basu, and J. Wong. The methodology for evaluating response cost for intrusion response systems. Technical Report 08--12, Iowa State University, 2008.
	6	Yu-Sung Wu , Bingrui Foo , Yu-Chun Mao , Saurabh Bagchi , Eugene H. Spafford, Automated adaptive intrusion containment in systems of interacting services, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.51 n.5, p.1334-1360, April, 2007 [doi>10.1016/j.comnet.2006.09.006]