{"title":"入侵响应系统(IRSs)响应方案的调查与调查","authors":"N. B. Anuar, M. Papadaki, S. Furnell, N. Clarke","doi":"10.1109/ISSA.2010.5588654","DOIUrl":null,"url":null,"abstract":"The rise of attacks and incidents need additional and distinct methods of response. This paper starts a discussion by differentiating the type of operation mode such as Intrusion Detection Systems (IDSs), Intrusion Prevention Systems (IPSs) and Intrusion Response Systems (IRSs). Using characteristics of response and attack time frame, a response model is proposed to distinguish between active and passive response options. The characteristics of response include level of operations, speed and time of response, ability to learn and ability to cooperate with other devices. This paper uses the attack time frame as a response model to show the relationship between active and passive response. Furthermore, the Response Model for Intrusion Response Systems shows some other different approaches and stages of active response. Finally, in order to investigate the most common response used by security practitioner and to justify the response model, studies involving 34 samples products from both commercial and non-commercial are analysed. As a result, this paper shows a clear distinction between the options of responses.","PeriodicalId":423118,"journal":{"name":"2010 Information Security for South Africa","volume":"31 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"50","resultStr":"{\"title\":\"An investigation and survey of response options for Intrusion Response Systems (IRSs)\",\"authors\":\"N. B. Anuar, M. Papadaki, S. Furnell, N. Clarke\",\"doi\":\"10.1109/ISSA.2010.5588654\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The rise of attacks and incidents need additional and distinct methods of response. This paper starts a discussion by differentiating the type of operation mode such as Intrusion Detection Systems (IDSs), Intrusion Prevention Systems (IPSs) and Intrusion Response Systems (IRSs). Using characteristics of response and attack time frame, a response model is proposed to distinguish between active and passive response options. The characteristics of response include level of operations, speed and time of response, ability to learn and ability to cooperate with other devices. This paper uses the attack time frame as a response model to show the relationship between active and passive response. Furthermore, the Response Model for Intrusion Response Systems shows some other different approaches and stages of active response. Finally, in order to investigate the most common response used by security practitioner and to justify the response model, studies involving 34 samples products from both commercial and non-commercial are analysed. As a result, this paper shows a clear distinction between the options of responses.\",\"PeriodicalId\":423118,\"journal\":{\"name\":\"2010 Information Security for South Africa\",\"volume\":\"31 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-09-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"50\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 Information Security for South Africa\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISSA.2010.5588654\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 Information Security for South Africa","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISSA.2010.5588654","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An investigation and survey of response options for Intrusion Response Systems (IRSs)
The rise of attacks and incidents need additional and distinct methods of response. This paper starts a discussion by differentiating the type of operation mode such as Intrusion Detection Systems (IDSs), Intrusion Prevention Systems (IPSs) and Intrusion Response Systems (IRSs). Using characteristics of response and attack time frame, a response model is proposed to distinguish between active and passive response options. The characteristics of response include level of operations, speed and time of response, ability to learn and ability to cooperate with other devices. This paper uses the attack time frame as a response model to show the relationship between active and passive response. Furthermore, the Response Model for Intrusion Response Systems shows some other different approaches and stages of active response. Finally, in order to investigate the most common response used by security practitioner and to justify the response model, studies involving 34 samples products from both commercial and non-commercial are analysed. As a result, this paper shows a clear distinction between the options of responses.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
