Security Incident Response: Towards a Novel Decision-Making System - Télécom Paris
Book chapter. Year: 2017

Security Incident Response: Towards a Novel Decision-Making System

Abstract

Cyber-attacks have become more complex and unpredictable. Due to their devastating impacts, choosing the appropriate response has become a priority for corporations. This paper introduces an incident response system based on a supervised machine learning model. It offers a framework to process alerts and enhance them to classify and defend against sophisticated attacks. Our method helps security analysts handle alerts and apply the most appropriate response mechanisms, thanks to a high level of abstraction of attack description and a supervised learning model. The proposed system is flexible and takes into account several attack properties in order to simplify attack handling and aggregate defense mechanisms. The originality of our work is the ability of this system to provide a response to an attack the system faces for the first time.
File not deposited

Dates and versions

hal-03296920, version 1 (22-07-2021)

Cite

Samih Souissi, Ahmed Serhrouchni, Layth Sliman, Benoit Charroux. Security Incident Response: Towards a Novel Decision-Making System. Intelligent Systems Design and Applications, pp.667-676, 2017, Intelligent Systems Design and Applications, 978-3-319-53480-0. ⟨10.1007/978-3-319-53480-0_66⟩. ⟨hal-03296920⟩