Volumen 5 No. especial (2014) - TIC.EC: Congreso Ecuatoriano de Tecnologías de la Información y Comunicaciones

Permanent URI for this collectionhttps://dspace-test.ucuenca.edu.ec/handle/123456789/21329

Browse

Browsing Volumen 5 No. especial (2014) - TIC.EC: Congreso Ecuatoriano de Tecnologías de la Información y Comunicaciones by Author "Caiza, Julio C."

Filter results by typing the first few letters
Now showing 1 - 1 of 1
  • Thumbnail Image
    Item
    Response toolkit to provide an active response against intrusions using Ontology-Based IRS
    (Universidad de Cuenca, 2014) Guamán, Danny S.; Caiza, Julio C.; Mateos, Verónica; Universidad de Cuenca; Dirección de Investigación de la Universidad de Cuenca; DIUC
    Active response systems are intended to run an automatic response against an intrusion. However, running an automatic response is not a trivial task because the execution cost could cause a greater negative effect than the intrusion itself. Also, the system should have a broad set of responses and an algorithm to select the optimal response. This paper proposes a response toolkit that is integrated into an ontology-based IRS to allow automatic execution of the best response against a detected intrusion. A set of host-based and network-based responses that can be performed by an IRS is presented. The response execution is performed by several plugin-based agents that have been distributed over the network. The verification of this proposal is made in a defacement attack case with satisfactory results.