A Generic Taxonomy for Intrusion Specification and Response |
The paper presents a preliminary description of an intrusion taxonomy to aid the development of a generic intrusion specification and response platform. Existing intrusion taxonomies are assessed in order to derive a suitable classification of incidents that would be both detectable and addressable by an automated intrusion detection system. The issue of automated responses to intrusions is considered, along with the factors that would influence the level of response selected. This work represents a contribution to ongoing research in relation to the Intrusion Monitoring System, a conceptual architecture for Intrusion Detection.
Furnell SM, Magklaras GB, Papadaki M, Haskell-Dowland PS (Dowland PS)