A decisional framework system for computer network intrusion detection [An article from: European Journal of Operational Research]

This digital document is a journal article from European Journal of Operational Research, published by Elsevier in 2007. The article is delivered in HTML format and is available in your Amazon.com Media Library immediately after purchase. You can view it with any web browser.

Description:
This paper presents a multi-attribute decisional framework for computer network intrusion detection. First, a cost model that allows to estimate accurately the damage resulting from a security incident is described. Then, a multi-attribute optimization algorithm is applied to select the optimal decision based on alternatives to remedy such incidents. The major interest is that the proposed approach can be applied in collaborative reactive intrusion detection where human experts are assisted by automated tools to find the best response. The approach would allow the possibility to assess the performance of the whole system depending on the performance of each constituents' leading to a definition of optimality conditions on the introduced framework.