A Generic Software Architecture for Deception-Based Intrusion Detection and Response Systems

Abstract

Today, intrusion detection systems provide for detecting intrusive patterns of interaction. Although the responses of such systems are typically limited to primitive actions, they can be supplemented with deception-based strategies. We propose a generic software architecture combining intrusion detection and deceptive response capabilities in a uniform structure. Detecting and responding to attacks are realized via runtime instrumentation of kernel-based modules. The architecture provides for dynamically adjusting system performance to maintain continuity and integrity of both legitimate services and security activities.

Document Details

Document Type
Technical Report
Publication Date
Mar 01, 2003
Accession Number
ADA415021

Entities

People

  • Engin Uzuncaova

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • C4I
  • Cyber
  • Engineered Resilient Systems
  • Ground and Sea Platforms
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Computer Programming
  • Computer Science
  • Computers
  • Cyberattacks
  • Cybersecurity
  • Detection
  • Detectors
  • Information Systems
  • Information Warfare
  • Instrumentation
  • Intrusion
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Security
  • Software Design
  • Software Development

Fields of Study

  • Computer science

Readers

  • Agent-Based Social Robotics and Mobile-Assisted Learning in Virtual Environments.
  • Computer Vision.
  • Strategic Security Studies