An Architectural Design to Address the Impact of Adaptations on Intrusion Detection Systems
| dc.contributor.author | Riley, Ian | |
| dc.contributor.author | Marshall, Allen | |
| dc.contributor.author | Quirk, Logan | |
| dc.contributor.author | Gamble, Rose | |
| dc.date.accessioned | 2022-12-27T19:24:27Z | |
| dc.date.available | 2022-12-27T19:24:27Z | |
| dc.date.issued | 2023-01-03 | |
| dc.description.abstract | Many self-adaptive, autonomous systems rely on component technologies to report anomalies to planning processes that can choose adaptations. What if the analysis technologies themselves need to be adapted? We consider an intrusion detection system (IDS) supported by two component technologies that assist its decision making: a neural network that finds security anomalies and an attack graph that informs the IDS about system states of interest. The IDS’s purpose is to send alerts regarding security anomalies. Planning processes respond to alerts by selecting mitigation strategies. Mitigations are imposed system-wide and can result in adaptations to the analysis technology, such as the IDS. Thus, without adaptation it may reach a state of stagnation in its detection quality. In this paper, we describe an architectural design for an adaptive layer that works directly with an IDS. We examine two use cases involving different mitigation strategies and their impact on the IDS’s supporting components. | |
| dc.format.extent | 10 | |
| dc.identifier.doi | 10.24251/HICSS.2023.832 | |
| dc.identifier.isbn | 978-0-9981331-6-4 | |
| dc.identifier.other | fa0e2035-bcfa-4925-bc7f-7070238f52e5 | |
| dc.identifier.uri | https://hdl.handle.net/10125/103466 | |
| dc.language.iso | eng | |
| dc.relation.ispartof | Proceedings of the 56th Hawaii International Conference on System Sciences | |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | |
| dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
| dc.subject | Self-Adaptive Systems and Applications | |
| dc.subject | attack graphs | |
| dc.subject | intrusion detection systems | |
| dc.subject | neural networks | |
| dc.subject | self-adaptive systems | |
| dc.title | An Architectural Design to Address the Impact of Adaptations on Intrusion Detection Systems | |
| dc.type.dcmi | text | |
| prism.startingpage | 6873 |
Files
Original bundle
1 - 1 of 1