Sciweavers

RAID
1999
Springer

Intrusion Detection for an On-Going Attack

14 years 4 months ago
Intrusion Detection for an On-Going Attack
An intrusion-detection system (IDS) for an on-going attack is described. Prior to an attack, an IDS operates in anticipation of a general threat. During an attack, the IDS can deal less in the general and more in the particular- namely, particulars about attackers and attacked devices. A profile of the attacker is developed, using information he reveals about himself during his attacks. Principles from economics are used to predict the attacker's behavior, based on estimates of his asset-appraisal, attack-costs and attack-resources. Likelycompromised devices (LCDs) are identified, using the profile and the economics-based estimates. Knowledge of LCDs is useful for work in attack repair, neutralization and containment.
Jim Yuill, Shyhtsun Felix Wu, Fengmin Gong, Ming-Y
Added 04 Aug 2010
Updated 04 Aug 2010
Type Conference
Year 1999
Where RAID
Authors Jim Yuill, Shyhtsun Felix Wu, Fengmin Gong, Ming-Yuh Huang
Comments (0)