Skip to Main content Skip to Navigation
Book sections

Security Incident Response: Towards a Novel Decision-Making System

Abstract : Cyber-attacks have become more complex and unpredictable. Due to their devastating impacts, choosing the appropriate response has become a priority for corporations. This paper introduces an incident response system based on a supervised machine learning model. It offers a framework to process alerts and enhance them to classify and defend against sophisticated attacks. Our method helps security analysts handle alerts and apply the most appropriate response mechanisms, thanks to a high level of abstraction of attack description and supervised learning model. The proposed system is flexible and takes into account several attack properties in order to simplify attack handling and aggregate defense mechanisms. The originality of our work is the ability of this system to provide a response to an attack the system face for the first time.
Document type :
Book sections
Complete list of metadata

https://hal.telecom-paris.fr/hal-03296920
Contributor : Ahmed Serhrouchni <>
Submitted on : Thursday, July 22, 2021 - 11:26:14 PM
Last modification on : Saturday, July 24, 2021 - 3:44:33 AM

Identifiers

Collections

Citation

Samih Souissi, Ahmed Serhrouchni, Layth Sliman, Benoit Charroux. Security Incident Response: Towards a Novel Decision-Making System. Intelligent Systems Design and Applications, pp.667-676, 2017, Intelligent Systems Design and Applications, 978-3-319-53480-0. ⟨10.1007/978-3-319-53480-0_66⟩. ⟨hal-03296920⟩

Share

Metrics

Record views

15