Konferenzbeitrag
Comparison and Improvement of Metrics for Selecting Intrusion Response Measures against DoS Attacks
Lade...
Volltext URI
Dokumententyp
Text/Conference Paper
Dateien
Zusatzinformation
Datum
2008
Autor:innen
Zeitschriftentitel
ISSN der Zeitschrift
Bandtitel
Verlag
Gesellschaft für Informatik e. V.
Zusammenfassung
This contribution presents a comparison of metrics used in different ap- proaches for selecting appropriate intrusion response measures in the case of attacks against computer systems and networks. Most of the work is focused on Denial-of- Service (DoS) attacks. Besides an overview on the techniques and frameworks known from earlier and recent literature, an alternative approach is presented which models the effects of attacks and according response actions in a dynamic fashion, using directed graphs. Certain properties of the graphs are utilized to quantify different response metrics, closely aligned to the pragmatic view of a network security officer. Subsequently, the different metrics are compared and their advantages and disadvantages are discussed in the light of applicability in real-world networks.