Internet Archive Scholar

Expression and Deployment of Reaction Policies

Frédéric Cuppens, Nora Cuppens-Boulahia, Yacine Bouzida, Wael Kanoun, Aurélien Croissant
2008 2008 IEEE International Conference on Signal Image Technology and Internet Based Systems  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (1.0 MB)
https://web.archive.org/web/20170927112346/https://hal.archives-ouvertes.fr/hal-00540778/document

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL. The file type is application/pdf.

Current prevention techniques provide restrictive responses that may take a local reaction in a limited information system infrastructure. In this paper, an in depth and comprehensive approach is introduced for responding to intrusions in an efficient way. This approach considers not only the threat and the architecture of the monitored information system, but also the security policy. The proposed reaction workflow links the lowest level of the information system corresponding to intrusion
more » ... ction mechanisms, including misuse and anomaly techniques, and access control techniques with the higher level of the security policy. This reaction workflow evaluates the intrusion alerts at three different levels, it then reacts against threats with appropriate counter measures in each level accordingly.
doi:10.1109/sitis.2008.96 dblp:conf/sitis/CuppensCBKC08 fatcat:sh4fexndqjennmkqorpzivnad4
Citation

Frédéric Cuppens, Nora Cuppens-Boulahia, Yacine Bouzida, Wael Kanoun, Aurélien Croissant. "Expression and Deployment of Reaction Policies." 2008 IEEE International Conference on Signal Image Technology and Internet Based Systems (2008) 118-127