Intrusion Response Systems (IRSs) have been a major research topic in the last decade. At the core of an IRS is the response selection algorithm, which selects the best response action to counter the currently detected attack. This work advances the state of the art by proposing a meta-model based on Multi-Agent Markov Decision Processes which can be used to model a system and to plan for multi-objective, optimal, long-term, eventually proactive response policies. Experimental results show that long-term policies always outperform short-term ones and a thorough performance assessment shows that the proposed approach can be adopted to secure large systems.
Iannucci, S., Abdelwahed, S. (2016). Towards autonomic intrusion response systems. In Proceedings - 2016 IEEE International Conference on Autonomic Computing, ICAC 2016 (pp.229-230). 10662 LOS VAQUEROS CIRCLE, PO BOX 3014, LOS ALAMITOS, CA 90720-1264 USA : Institute of Electrical and Electronics Engineers Inc. [10.1109/ICAC.2016.11].
Towards autonomic intrusion response systems
Iannucci S.
;
2016-01-01
Abstract
Intrusion Response Systems (IRSs) have been a major research topic in the last decade. At the core of an IRS is the response selection algorithm, which selects the best response action to counter the currently detected attack. This work advances the state of the art by proposing a meta-model based on Multi-Agent Markov Decision Processes which can be used to model a system and to plan for multi-objective, optimal, long-term, eventually proactive response policies. Experimental results show that long-term policies always outperform short-term ones and a thorough performance assessment shows that the proposed approach can be adopted to secure large systems.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.