Toward a novel classification-based attack detection and response architecture
Author: | Samih Souissi |
---|---|
Contributors: | Télécom ParisTech |
Year of publication: | 2015 |
Subject: | Attack detection and response; Modular Architecture; Computer science; Firewall; Modular architecture; Expression (computer science); Intrusion Detection and Prevention Systems; Computer security; computer.software_genre; Detection Rules; [INFO.INFO-CL]Computer Science [cs]/Computation and Language [cs.CL]; Web Application Firewall; [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]; Firewall (construction); Selection (linguistics); Information system; Attack classification; Application firewall; Architecture; Intrusion prevention system; computer |
Source: | NOF 2015: 6th International Conference on the Network of the Future (NOF), Sep 2015, Montréal, Canada. ⟨10.1109/NOF.2015.7333305⟩ |
Description: | International audience; Attacks on information systems have increased tremendously and have become more diverse and complex. Because these attacks evolve in an unpredictable manner and have devastating outcomes, detecting them and selecting appropriate countermeasures has become a priority for security analysts. This paper introduces a classification-based attack detection system which provides a framework to evaluate, identify, classify and defend against sophisticated attacks. Our approach helps simplify the expression of complex rules and the handling of alerts, thanks to a modular architecture and an intuitive rule-definition language with high expressive power. The proposed system is flexible and takes into account several attack properties in order to simplify attack handling and aggregate defense mechanisms. |
Database: | OpenAIRE |