Dissertation/Thesis Abstract

A framework for cost-sensitive automated selection of intrusion response
by Strasburg, Christopher Roy, M.S., Iowa State University, 2009, 76; 1468160
Abstract (Summary)

In recent years, cost-sensitive intrusion response has gained significant interest due to its emphasis on the balance between potential damage incurred by the intrusion and cost of the response. However, one of the challenges in applying this approach is defining a consistent and adaptable measurement framework to evaluate the expected benefit of a response. In this thesis we present a model and framework for the cost-sensitive assessment and selection of intrusion response. Specifically, we introduce a set of measurements that characterize the potential costs associated with the intrusion handling process, and propose an intrusion response evaluation method with respect to the risk of potential intrusion damage, the effectiveness of the response action and the response cost for a system. The proposed framework has the important quality of abstracting the system security policy from the response selection mechanism, permitting policy adjustments to be made without changes to the model. We provide an implementation of the proposed solution as an IDS-independent plugin tool, and demonstrate its advantages over traditional static response systems and an existing dynamic response system.

Indexing (document details)
Advisor: Wong, Johnny S., Basu, Samik
Commitee: Daniels, Tom
School: Iowa State University
Department: Computer Science
School Location: United States -- Iowa
Source: MAI 48/01M, Masters Abstracts International
Subjects: Computer science
Keywords: Metrics, Security
Publication Number: 1468160
ISBN: 978-1-109-32669-7
Copyright © 2021 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy