Skip to Main content Skip to Navigation
Book sections

Security Incident Response: Towards a Novel Decision-Making System

Abstract : Cyber-attacks have become more complex and unpredictable. Due to their devastating impacts, choosing the appropriate response has become a priority for corporations. This paper introduces an incident response system based on a supervised machine learning model. It offers a framework to process alerts and enhance them to classify and defend against sophisticated attacks. Our method helps security analysts handle alerts and apply the most appropriate response mechanisms, thanks to a high level of abstraction of attack description and supervised learning model. The proposed system is flexible and takes into account several attack properties in order to simplify attack handling and aggregate defense mechanisms. The originality of our work is the ability of this system to provide a response to an attack the system face for the first time.
Document type :
Book sections
Complete list of metadata
Contributor : Ahmed Serhrouchni Connect in order to contact the contributor
Submitted on : Thursday, July 22, 2021 - 11:26:14 PM
Last modification on : Monday, January 24, 2022 - 8:26:34 AM



Samih Souissi, Ahmed Serhrouchni, Layth Sliman, Benoit Charroux. Security Incident Response: Towards a Novel Decision-Making System. Intelligent Systems Design and Applications, pp.667-676, 2017, Intelligent Systems Design and Applications, 978-3-319-53480-0. ⟨10.1007/978-3-319-53480-0_66⟩. ⟨hal-03296920⟩



Record views