Abstract
Intrusion Response Systems (IRSs) have been a major research topic in the last decade. At the core of an IRS is the response selection algorithm, which selects the best response action to counter the currently detected attack. Most of the IRSs proposed so far, statically or dynamically evaluate the mapping between response actions and specific attacks, ignoring the actual system state, thus providing only short-term decisions. In this paper we propose a controller based on Markov Decision Process (MDP) for an autonomic IRS. The proposed controller is able to compose atomic response actions to create optimal long-term response policies to protect a system. Experimental results show that long-term policies are always more effective than short-term policies and that they can reduce the threat resolution time up to 56% in the considered scenario.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
