Download Now Free registration required
A suitable strategy for network intrusion tolerance - detecting intrusions and remedying them - depends on aspects of the domain being protected, such as the kinds of intrusion faced, the resources available for monitoring and remediation, and the level at which automated remediation can be carried out. The decision to remediate autonomically will have to consider the relative costs of performing a potentially disruptive remedy in the wrong circumstances and leaving it up to a slow, but more accurate, human operator. Autonomic remediation also needs to be withdrawn at some point - a phase of recovery to the normal network state. In this paper, the authors present a framework for deploying domain-adaptable intrusion-tolerance strategies in heterogeneous networks.
- Format: PDF
- Size: 268.6 KB