Open Access
Anti-correlation as a criterion to select appropriate counter-measures in an intrusion detection framework
Author(s) - Frédéric Cuppens, Fabien Autrel, Yacine Bouzida, Joaquin Garcia-Alfaro, Sylvain Gombault, Thierry Sans
Publication year - 2006
Publication title - Annals of Telecommunications
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.338
H-Index - 39
eISSN - 1958-9395
pISSN - 0003-4347
DOI - 10.1007/bf03219974
Subject(s) - intrusion detection system, computer science, measure (data warehouse), intrusion, data mining, correlation, anomaly based intrusion detection system, system administrator, computer security, machine learning, mathematics, geometry, geochemistry, geology
Since current computer infrastructures are increasingly vulnerable to malicious activities, intrusion detection is necessary but unfortunately not sufficient. We need to design effective response techniques to circumvent intrusions when they are detected. Our approach is based on a library that implements different types of counter-measures. The idea is to design a decision support tool to help the administrator to choose, in this library, the appropriate counter-measure when a given intrusion occurs. For this purpose, we formally define the notion of anti-correlation which is used to determine the counter-measures that are effective to stop the intrusion. Finally, we present a platform of intrusion detection that implements the response mechanisms presented in this paper.
