Intranet Security with Micro-Firewalls and Mobile Agents for Proactive Intrusion Response
ICCNMC '01 Proceedings of the 2001 International Conference on Computer Networks and Mobile Computing (ICCNMC'01)
Analysis of an Intelligent Agent Intrusion Response System
WI-IATW '06 Proceedings of the 2006 IEEE/WIC/ACM international conference on Web Intelligence and Intelligent Agent Technology
Information Assurance: Dependability and Security in Networked Systems
Information Assurance: Dependability and Security in Networked Systems
The agent migration and fault-tolerance management in dynamic network security system
International Journal of Information Technology and Management
Network Security: Know It All: Know It All
Network Security: Know It All: Know It All
Intrusion Prevention in Information Systems: Reactive and Proactive Responses
Journal of Management Information Systems
Multi-agents system service based platform in telecommunication security incident reaction
GIIS'09 Proceedings of the Second international conference on Global Information Infrastructure Symposium
Using contextual security policies for threat response
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
Hi-index | 0.00 |
Cooperative frameworks for intrusion detection and response exemplify a key area of today's computer research: automating defenses against malicious attacks that increasingly are taking place at grander speeds and scales to enhance the survivability of distributed systems and maintain mission critical functionality. At the individual host-level, intrusion response often includes security policy reconfiguration to reduce the risk of further penetrations. However, runtime policy changes may cause traditional software components, designed without (dynamic) security in mind, to fail in varying degrees, including termination of critical processes. This paper presents security agility, a strategy to provide software components with the security awareness and adaptability to address runtime security policy changes, describes how security agility is packaged in a prototype toolkit and illustrates how the toolkit can be integrated with intrusion detection and response frameworks to help automate flexible host-based response to intrusions.