Online risk assessment of intrusion scenarios using D-S evidence theory

C. P. Mu; X. J. Li; H. K. Huang; S. F. Tian

doi:10.1007/978-3-540-88313-5_3

Online risk assessment of intrusion scenarios using D-S evidence theory

C. P. Mu, X. J. Li, H. K. Huang, S. F. Tian

School of Mechatronical Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

31 Citations (Scopus)

Abstract

In the paper, an online risk assessment model based on D-S evidence theory is presented. The model can quantitate the risk caused by an intrusion scenario in real time and provide an objective evaluation of the target security state. The results of the online risk assessment show a clear and concise picture of both the intrusion progress and the target security state. The model makes full use of available information from both IDS alerts and protected targets. As a result, it can deal with uncertainties and subjectiveness very well in its evaluation process. In IDAM&IRS, the model serves as the foundation for intrusion response decision-making.

Original language	English
Title of host publication	Computer Security - ESORICS 2008 - 13th European Symposium on Research in Computer Security, Proceedings
Publisher	Springer Verlag
Pages	35-48
Number of pages	14
ISBN (Print)	3540883126, 9783540883128
DOIs	https://doi.org/10.1007/978-3-540-88313-5_3
Publication status	Published - 2008
Event	13th European Symposium on Research in Computer Security, ESORICS 2008 - Malaga, Spain Duration: 6 Oct 2008 → 8 Oct 2008

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	5283 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	13th European Symposium on Research in Computer Security, ESORICS 2008
Country/Territory	Spain
City	Malaga
Period	6/10/08 → 8/10/08

Keywords

Alert processing
D-S evidence theory
Intrusion detection
Intrusion response
Online risk assessment

Access to Document

10.1007/978-3-540-88313-5_3

Cite this

Mu, C. P., Li, X. J., Huang, H. K., & Tian, S. F. (2008). Online risk assessment of intrusion scenarios using D-S evidence theory. In Computer Security - ESORICS 2008 - 13th European Symposium on Research in Computer Security, Proceedings (pp. 35-48). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5283 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-540-88313-5_3

Mu, C. P. ; Li, X. J. ; Huang, H. K. et al. / Online risk assessment of intrusion scenarios using D-S evidence theory. Computer Security - ESORICS 2008 - 13th European Symposium on Research in Computer Security, Proceedings. Springer Verlag, 2008. pp. 35-48 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{4f0c451d88a54b3c99858ad10e858685,

title = "Online risk assessment of intrusion scenarios using D-S evidence theory",

abstract = "In the paper, an online risk assessment model based on D-S evidence theory is presented. The model can quantitate the risk caused by an intrusion scenario in real time and provide an objective evaluation of the target security state. The results of the online risk assessment show a clear and concise picture of both the intrusion progress and the target security state. The model makes full use of available information from both IDS alerts and protected targets. As a result, it can deal with uncertainties and subjectiveness very well in its evaluation process. In IDAM&IRS, the model serves as the foundation for intrusion response decision-making.",

keywords = "Alert processing, D-S evidence theory, Intrusion detection, Intrusion response, Online risk assessment",

author = "Mu, {C. P.} and Li, {X. J.} and Huang, {H. K.} and Tian, {S. F.}",

year = "2008",

doi = "10.1007/978-3-540-88313-5_3",

language = "English",

isbn = "3540883126",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "35--48",

booktitle = "Computer Security - ESORICS 2008 - 13th European Symposium on Research in Computer Security, Proceedings",

address = "Germany",

note = "13th European Symposium on Research in Computer Security, ESORICS 2008 ; Conference date: 06-10-2008 Through 08-10-2008",

}

Mu, CP, Li, XJ, Huang, HK & Tian, SF 2008, Online risk assessment of intrusion scenarios using D-S evidence theory. in Computer Security - ESORICS 2008 - 13th European Symposium on Research in Computer Security, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 5283 LNCS, Springer Verlag, pp. 35-48, 13th European Symposium on Research in Computer Security, ESORICS 2008, Malaga, Spain, 6/10/08. https://doi.org/10.1007/978-3-540-88313-5_3

Online risk assessment of intrusion scenarios using D-S evidence theory. / Mu, C. P.; Li, X. J.; Huang, H. K. et al.
Computer Security - ESORICS 2008 - 13th European Symposium on Research in Computer Security, Proceedings. Springer Verlag, 2008. p. 35-48 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5283 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Online risk assessment of intrusion scenarios using D-S evidence theory

AU - Mu, C. P.

AU - Li, X. J.

AU - Huang, H. K.

AU - Tian, S. F.

PY - 2008

Y1 - 2008

N2 - In the paper, an online risk assessment model based on D-S evidence theory is presented. The model can quantitate the risk caused by an intrusion scenario in real time and provide an objective evaluation of the target security state. The results of the online risk assessment show a clear and concise picture of both the intrusion progress and the target security state. The model makes full use of available information from both IDS alerts and protected targets. As a result, it can deal with uncertainties and subjectiveness very well in its evaluation process. In IDAM&IRS, the model serves as the foundation for intrusion response decision-making.

AB - In the paper, an online risk assessment model based on D-S evidence theory is presented. The model can quantitate the risk caused by an intrusion scenario in real time and provide an objective evaluation of the target security state. The results of the online risk assessment show a clear and concise picture of both the intrusion progress and the target security state. The model makes full use of available information from both IDS alerts and protected targets. As a result, it can deal with uncertainties and subjectiveness very well in its evaluation process. In IDAM&IRS, the model serves as the foundation for intrusion response decision-making.

KW - Alert processing

KW - D-S evidence theory

KW - Intrusion detection

KW - Intrusion response

KW - Online risk assessment

UR - http://www.scopus.com/inward/record.url?scp=57049181381&partnerID=8YFLogxK

U2 - 10.1007/978-3-540-88313-5_3

DO - 10.1007/978-3-540-88313-5_3

M3 - Conference contribution

AN - SCOPUS:57049181381

SN - 3540883126

SN - 9783540883128

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 35

EP - 48

BT - Computer Security - ESORICS 2008 - 13th European Symposium on Research in Computer Security, Proceedings

PB - Springer Verlag

T2 - 13th European Symposium on Research in Computer Security, ESORICS 2008

Y2 - 6 October 2008 through 8 October 2008

ER -

Mu CP, Li XJ, Huang HK, Tian SF. Online risk assessment of intrusion scenarios using D-S evidence theory. In Computer Security - ESORICS 2008 - 13th European Symposium on Research in Computer Security, Proceedings. Springer Verlag. 2008. p. 35-48. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-540-88313-5_3

Online risk assessment of intrusion scenarios using D-S evidence theory

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this