 |
Book sections
Security Incident Response: Towards a Novel Decision-Making System
Abstract : Cyber-attacks have become more complex and unpredictable. Due to their devastating impacts, choosing the appropriate response has become a priority for corporations. This paper introduces an incident response system based on a supervised machine learning model. It offers a framework to process alerts and enhance them to classify and defend against sophisticated attacks. Our method helps security analysts handle alerts and apply the most appropriate response mechanisms, thanks to a high level of abstraction of attack description and supervised learning model. The proposed system is flexible and takes into account several attack properties in order to simplify attack handling and aggregate defense mechanisms. The originality of our work is the ability of this system to provide a response to an attack the system face for the first time.
https://hal.telecom-paris.fr/hal-03296920
Contributor : Ahmed Serhrouchni Connect in order to contact the contributor
Submitted on : Thursday, July 22, 2021 - 11:26:14 PM
Last modification on : Monday, January 24, 2022 - 8:26:34 AM
Contributor : Ahmed Serhrouchni Connect in order to contact the contributor
Submitted on : Thursday, July 22, 2021 - 11:26:14 PM
Last modification on : Monday, January 24, 2022 - 8:26:34 AM