A Model-Free Approach to Intrusion Response Systems
Abstract
With the rising number of data breaches, denial of service attacks and general malicious activity facing modern computer networks, there is an increasing need to quickly and effectively respond to attacks. Intrusion Detection Systems provide an automated method of identifying attacks within a network; however, the development of an Intrusion Response System which can automatically respond to these alerts is non-trivial. Current research in IRS proposes model-based methods for the possible routes an actor may take when attacking a network and use subjective performance values for the cost and benefit of a response, both of which can be invalidated by the increasingly dynamic nature of network topologies and system configurations. The approach proposed in this work utilises a Model-free Reinforcement Learning approach and evaluates the agent's performance in stopping two distinct multi-stage attack scenarios on a virtualised testbed. Experimentation demonstrates that the agent can successfully halt attacks and find responses that have minimal impact on the normal operation of the network based on experience gained through training. A further contribution of this work is a novel environment which is more realistic than the simulated tasks common in previous literature.
Similar resources
A Response Strategy Model for Intrusion Response Systems
There are several types of security systems, which focus on detecting, mitigating and responding to incidents. Current response systems are largely based on manual incident response selection strategies, which can introduce delays between detection and response time. However, it would be beneficial if critical and urgent incidents are addressed as soon as possible before they jeopardised critic...
A response selection model for intrusion response systems: Response Strategy Model (RSM)
Intrusion response systems aim to provide a systematic procedure to respond to incidents. However, with different type of response options, an automatic response system is designed to select appropriate response options automatically in order to act fast to respond to only true and critical incidents as well as minimise their impact. In addition, incidents also can be prioritised into different...
A taxonomy of intrusion response systems
Recent advances in the field of intrusion detection brought new requirements to intrusion prevention and response. Traditionally, the response to an attack is manually triggered by an administrator. However, increased complexity and speed of the attack-spread during recent years show acute necessity for complex dynamic response mechanisms. Although intrusion detection systems are being actively...
A Social Agent-Based Approach to Intrusion Detection Systems
Network Intrusion Detection Systems (NIDS) are designed to differentiate malicious traffic from normal traffic on a network system to detect the presence of an attack. Traditionally, the approach around which these systems are designed is based upon an assumption made by Dorothy Denning in 1987 stating that malicious traffic should be statistically differentiable from normal traffic [1]; howeve...
A Robust Programming Approach to Bi-objective Optimization Model in the Disaster Relief Logistics Response Phase
Accidents and natural disasters and crises coming out of them indicate the importance of an integrated planning to reduce their effected. Therefore, disaster relief logistics is one of the main activities in disaster management. In this paper, we study the response phase of the disaster management cycle and a bi-objective model has been developed for relief chain logistic in uncertainty conditi...
Journal
Journal title: Journal of information security and applications
Year: 2022
ISSN: 2214-2134, 2214-2126
DOI: https://doi.org/10.1016/j.jisa.2022.103150