An Attack Description and Response Architecture Based on Multi-level Rule Expression Language

Authors: Samih Souissi, Layth Sliman, Benoit Charroux
Contributors: Télécom ParisTech, École d'ingénieur généraliste en informatique et technologies du numérique (EFREI)
Subject:
Source: HAL
Journal of information assurance and security (JIAS), 2016
Description: International audience; In recent years, cyber-attacks have increased rapidly and have become more diverse and unpredictable. Because these attacks have devastating impacts, the selection of appropriate countermeasures has become a major challenge. We present an attack description and response system based on a multi-level rule expression language. It provides a framework to evaluate, identify, classify and defend against sophisticated attacks. Our approach helps simplify the expression of complex rules and event handling, thanks to a modular architecture and intuitive rules along with a powerful expression language. The proposed system is flexible and takes into consideration several attack properties in order to simplify attack handling and aggregate defense mechanisms.
Database: OpenAIRE