La vitrine de diffusion des publications et contributions des chercheurs de l'ÉTS
RECHERCHER

Dynamic optimal countermeasure selection for intrusion response system

Shameli Sendi, Alireza et Louafi, Habib et He, Wenbo et Cheriet, Mohamed. 2016. « Dynamic optimal countermeasure selection for intrusion response system ». IEEE Transactions on Dependable and Secure Computing.
(Sous presse)

[img]
Prévisualisation
PDF
Cheriet M. 2016 13853 Dynamic optimal countermeasure selection.pdf - Version acceptée
Licence d'utilisation : Tous les droits réservés aux détenteurs du droit d'auteur.

Télécharger (5MB) | Prévisualisation

Résumé

Designing an efficient defense framework is challenging with respect to a network’s complexity, widespread sophisticated attacks, attackers’ ability, and the diversity of security appliances. The Intrusion Response System (IRS) is intended to respond automatically to incidents by attuning the attack damage and countermeasure costs. The existing approaches inherit some limitations, such as using static countermeasure effectiveness, static countermeasure deployment cost, or neglecting the countermeasures’ negative impact on service quality (QoS). These limitations may lead the IRS to select inappropriate countermeasures and deployment locations, which in turn may reduce network performance and disconnect legitimate users. In this paper, we propose a dynamic defense framework that selects an optimal countermeasure against different attack damage costs. To measure the attack damage cost, we propose a novel defense-centric model based on a service dependency graph. To select the optimal countermeasure dynamically, we formulate the problem at hand using a multi-objective optimization concept that maximizes the security benefit, minimizes the negative impact on users and services, and minimizes the security deployment cost with respect to the attack damage cost.

Type de document: Article publié dans une revue, révisé par les pairs
Professeur:
Professeur
Cheriet, Mohamed
Affiliation: Génie de la production automatisée
Date de dépôt: 25 oct. 2016 17:58
Dernière modification: 14 nov. 2016 15:48
URI: http://espace2.etsmtl.ca/id/eprint/13853

Actions (Authentification requise)

Dernière vérification avant le dépôt Dernière vérification avant le dépôt

Statistiques de téléchargement

Plus de statistiques ...