Online Risk Assessment of Intrusion Scenarios Using D-S Evidence Theory [chapter]

C. P. Mu, X. J. Li, H. K. Huang, S. F. Tian
2008 Lecture Notes in Computer Science  
In the paper, an online risk assessment model based on D-S evidence theory is presented. The model can quantitate the risk caused by an intrusion scenario in real time and provide an objective evaluation of the target security state. The results of the online risk assessment show a clear and concise picture of both the intrusion progress and the target security state. The model makes full use of available information from both IDS alerts and protected targets. As a result, it can deal with
more » ... tainties and subjectiveness very well in its evaluation process. In IDAM&IRS, the model serves as the foundation for intrusion response decision-making.
doi:10.1007/978-3-540-88313-5_3 fatcat:7qbmeow3fbavxb4c6irtbr6xdm