Dissertation > Excellent graduate degree dissertation topics show

Research and Implementation of Automated Intrusion Response System

Author: ZhangHongShui
Tutor: JiaXiaoZhu
School: Qingdao University
Course: Applied Computer Technology
Keywords: Automated Intrusion Response plan recognition the best choice of the cost
CLC: TP393.08
Type: Master's thesis
Year: 2008
Downloads: 61
Quote: 0
Read: Download Dissertation

Abstract


With the development of network and information, security problems become more serious than ever. As the instruments of attack become more and more complex and automated, the traditional static response strategies cannot satisfy the present requirement of intrusion response. Automatic response technique is highlighted in recent research. However, the Automated Intrusion Response System (AIRS) is still in its primitive stage so far. Many technical problems such as how to enhance the efficiency of the response and reduce the damage of the system and how to realize speediness and rationality and intelligent haven’t been solved completely.This paper takes the existing intrusion detection system as its application background and study the intrusion response technology.Firstly, this paper introduces the basic knowledge of IRS, including research actuality abroad and at home, main system models, and key response technologies, and then analyzes the correlated main problems of IRS.Secondly, aiming at the current problem that the number of the raw alert is too big and the quality is too low, a model that can deeply process the raw alerts is presented, in which the technologies of filter-fusion and correlation are introduced. In order to find the real purpose of attack, the algorithm of Plan Recognition is presented on the basis of the introduction of other correlation approaches, Then some experiments are done using the IDS evaluating dataset of DARPA which is developed by MIT Lincoln laboratory in 2000, which prove that this model can reduce the number of alerts, reconstruct the process of attacks and improve the quality of alerts. The performance of this model laid the groundwork for future correct response decision-making.Finally, based on the summary of IRS studies, an automatic model of intrusion response system is presented. The model firstly introduces the diffluence agent in order to reduce the time of response and improve the efficiency of response, according to the result of the response. Then this paper puts forward the Cost based Optimal Response Decision model (CORD) inspired by Wenke Lee’s cost sensitive model. This model takes into account the threat of attack, the negative response cost and the cost of response, and makes the optimization response choice come true, which is proved by related experiments.

Related Dissertations

  1. The Application of Plan Recognition in Monitoring the Money Flow for the Stock Market,TP18
  2. Research on the Advanced Model of Automated Intrusion Response Based on the Intrusion Prediction,TP393.08
  3. A Study on Intrusion Response Decision Technology Based on Risk,TP393.08
  4. Study of Automated Intrusion Response,TP393.08
  5. The Application of Plan Recognition in the Automated Intrusion System,TP393.08
  6. Network Security Risk Assessment and Intrusion Response,TP393.08
  7. Corporate pension accounting research,F842.6
  8. Research of Technologies for Situation Assessment in Data Fusion,TP14
  9. The Research and Application of Plan Recognition in Intrusion Detection System,TP393.08
  10. Opponents plan based on planning graph recognition method,TP391.41
  11. Study of Situation Assessment Techniques in Information Fusion System,TP311.1
  12. A Method of Hostile Plan Recognition Based on DCSP,TP18
  13. The Plan Recognition Based on Probabilistic Goal Graph,TP18
  14. RoboCup simulation team coach model,TP242
  15. Study on Method of Network Multi-stage Attack Plan Recognition,TP393.08
  16. Research on Key Technology in Situation Assessment,E91
  17. Research and Implementation of the Probabilistic Plan Recognition System Based on Plan Knowledge Graph,TP391.41
  18. The Study of the Intrusion Detection System Based on Plan,TP393.08
  19. The Research of Information Countermeasures Based on the Tactical Plan Recognition,TP309
  20. Research and Implementation of the Probabilistic Plan Recognition Based on EG-Pruning,TP391.41

CLC: > Industrial Technology > Automation technology,computer technology > Computing technology,computer technology > Computer applications > Computer network > General issues > Computer Network Security
© 2012 www.DissertationTopic.Net  Mobile