Business Intelligence

Limiting Uncertainty in Intrusion Response

Download Now Free registration required

Executive Summary

This paper explores techniques for limiting uncertainty in adaptive intrusion response systems and specifically in the Adaptive, Agent-based Intrusion Response System (AAIRS). Research by Cohen has explored the inadequacy of manual intrusion response and the need for automatic intrusion response. There is uncertainty in automatic intrusion response. Intrusion detection systems generate false alarms. The success or failure of a response is often not clear. Attackers attempt to mask their attacks so as to confuse the response system until it is too late. Automatic response systems must limit the effect of uncertainty in their internal decision-making and adapt over time to make better decisions. This paper addresses these issues by examining the AAIRS system and its techniques for limiting uncertainty.

  • Format: PDF
  • Size: 65.4 KB