Descripción
|
|
---|---|
Automated intrusion response is an important problem in network security. Several Automated Intrusion Response Systems (AIRS) have been proposed to take over that task, but current proposals have limitations related to their adaptability to different intrusion sources, since they do not take into account the semantic of intrusion alerts coming from different Intrusion Detection Systems, with different formats and syntaxes. To solve this problem, this paper proposes an architecture for an AIRS based on ontologies, formal behavior specification languages and reasoning mechanisms, which automatically infers and executes the optimum response action when different security-events network detection sources detect security intrusions. This paper describes the system architecture as well as the inference process of the recommended and optimum responses | |
Internacional
|
Si |
Nombre congreso
|
3rd International Conference on Computational Intelligence in Security for Information Systems (CISIS¿10) |
Tipo de participación
|
960 |
Lugar del congreso
|
León, España |
Revisores
|
Si |
ISBN o ISSN
|
978-3-642-16625-9 |
DOI
|
|
Fecha inicio congreso
|
11/11/2010 |
Fecha fin congreso
|
12/11/2010 |
Desde la página
|
99 |
Hasta la página
|
106 |
Título de las actas
|
Computational Intelligence in Security for Information Systems 2010 |