Toward a novel classification-based attack detection and response architecture

Samih Souissi
2015 2015 6th International Conference on the Network of the Future (NOF)  
Attacks on information systems have increased tremendously and have become more diverse and complex. Because these attacks evolve in an unpredictable manner and have devastating outcomes, detecting them and selecting appropriate countermeasures has become a priority for security analysts. This paper introduces a classification-based Attack Detection system which provides a framework to evaluate, identify, classify and defend against sophisticated attacks. Our approach helps simplify complex rules' ... n and alert handling, thanks to a modular architecture and an intuitive, highly expressive rule-definition language. The proposed system is flexible and takes into account several attack properties in order to simplify attack handling and aggregate defense mechanisms.
doi:10.1109/nof.2015.7333305 dblp:conf/nof/Souissi15 fatcat:3vlkydxvxzh77gmqyxpm3b5nea