Intrusion Response Systems: Foundations, Design, and Challenges

Bibliographic Details
Main Authors: Zakira, Inayat; Abdullah, Gani; Nor Badrul, Anuar; Muhammad Khuram, Khan; Shahid, Anwar
Format: Article
Published: Elsevier 2016
Online Access: http://umpir.ump.edu.my/id/eprint/11801/
http://dx.doi.org/10.1016/j.jnca.2015.12.006
Description
Summary: In the last few decades, various network attacks have emerged. This phenomenon requires serious consideration to address its extensive consequences. To overcome the effects of network attacks, an appropriate intrusion detection system and a real-time intrusion response system are required. In this paper, we present an IRS taxonomy based on design parameters to classify existing schemes. Furthermore, we investigate the essential response design parameters for IRS to mitigate attacks in real time and obtain a robust output. The majority of existing schemes disregard the importance of semantic coherence and dynamic response parameters in the response selection process. Therefore, most existing schemes produce inaccurate results by generating false alarms. These design parameters are comprehensively discussed in this paper. We have qualitatively analyzed existing IRS schemes on the basis of the response design parameters. Open research challenges are identified to highlight key research areas in this research domain.