Advanced Search
    Mu Chengpo, Huang Houkuan, Tian Shengfeng, Li Xiangjun. A Survey of Intrusion Response Decision-Making Techniques of Automated Intrusion Response Systems[J]. Journal of Computer Research and Development, 2008, 45(8): 1290-1298.
    Citation: Mu Chengpo, Huang Houkuan, Tian Shengfeng, Li Xiangjun. A Survey of Intrusion Response Decision-Making Techniques of Automated Intrusion Response Systems[J]. Journal of Computer Research and Development, 2008, 45(8): 1290-1298.

    A Survey of Intrusion Response Decision-Making Techniques of Automated Intrusion Response Systems

    • Automated intrusion response system and its significances are briefly introduced in this paper. The intrusion response-decision making is one of the critical techniques of automated intrusion response systems. A hierarchical architecture about intrusion response decision-making problems is presented. The roles of response goals and response strategies in an intrusion response decision-making process are discussed, meanwhile their related work is introduced. Intrusion response decision-making factors are used in decision-making models and directly influence the results of intrusion decision-making models. The decision-making factors in the latest existing intrusion decision-making mechanisms are reviewed, and it is pointed out that some of these factors are not properly used in a few of existing decision-making models. In order to choose proper factors in an intrusion response decision-making model, a taxonomy of response decision-making factors is given. The existing models of intrusion response measure decision-making are presented, and their features and problems of these models are discussed in detail. The concept and idea of intrusion response time decision-making are proposed, and at the same time, a few of intrusion response time decision-making models are introduced. The architecture, response time decision-making model, response measure decision-making model and experiments of the intrusion detection alert management & intrusion response system (IDAM&IRS) developed by the authors are shown. In addition, its features are described. Finally the development trends of response decision-making are summarized.
    • loading

    Catalog

      Turn off MathJax
      Article Contents

      /

      DownLoad:  Full-Size Img  PowerPoint
      Return
      Return