Skip to main content

Expanding topological vulnerability analysis to intrusion detection through the incident response intelligence system

Buy Article:

$54.08 plus tax (Refund Policy)

Abstract:

Purpose ‐ The paper proposes looking at the automation of the incident response (IR) process, through formal, systematic and standardized methods for collection, normalization and correlation of security data (i.e. vulnerability, exploit and intrusion detection information). Design/methodology/approach ‐ The paper proposes the incident response intelligence system (IRIS) that models the context of discovered vulnerabilities, calculates their significance, finds and analyzes potential exploit code and defines the necessary intrusion detection signatures that combat possible attacks, using standardized techniques. It presents the IRIS architecture and operations, as well as the implementation issues. Findings ‐ The paper presents detailed evaluation results obtained from real-world application scenarios, including a survey of the users' experience, to highlight IRIS contribution in the area of IR. Originality/value ‐ The paper introduces the IRIS, a system that provides detailed security information during the entire lifecycle of a security incident, facilitates decision support through the provision of possible attack and response paths, while deciding on the significance and magnitude of an attack with a standardized method.

Keywords: Computer crime; Data security; Risk management

Document Type: Research Article

DOI: http://dx.doi.org/10.1108/09685221011079207

Publication date: October 12, 2010

mcb/046/2010/00000018/00000004/art00004
dcterms_title,dcterms_description,pub_keyword
6
5
20
40
5

Access Key

Free Content
Free content
New Content
New content
Open Access Content
Open access content
Subscribed Content
Subscribed content
Free Trial Content
Free trial content
Cookie Policy
X
Cookie Policy
Ingenta Connect website makes use of cookies so as to keep track of data that you have filled in. I am Happy with this Find out more