Towards an Autonomous Response System. Case: Denial of Service Attacks

Romina Torres, Mathías Cabrera

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

Abstract

Intrusion Detection Systems and similar tools continuously update their rule sets to align with evolving attack techniques across monitored and protected infrastructures. However, the ever-evolving threat landscape presents a significant challenge, as not every intrusion attempt can be reliably captured. Even upon detection, the efficacy of intrusion mitigation hinges on the agility of the response team and the chosen actions. In this work, we propose the implementation of a machine learning-driven Intrusion Response System (IRS) using the MAPE-K feedback loop cycle. This architecture empowers autonomous protection for multiple client machines against denial of service attacks. Our approach leverages the power of machine learning to enhance detection accuracy and response timeliness, addressing the limitations of traditional rule-based systems. Our experimental results demonstrate promising outcomes. Particularly, our basic implementation of port management showcases robust performance against denial of service attacks. This research contributes to the advancement of proactive cybersecurity measures by harnessing the potential of machine learning in intrusion detection and response, ultimately bolstering the overall security posture of network infrastructures.

Original language: English
Title of host publication: Advances in Real-Time Intelligent Systems - Real-Time Intelligent Systems 2023
Editors: Pit Pichappan, Ricardo Rodriguez Jorge, Yao-Liang Chung
Publisher: Springer Science and Business Media Deutschland GmbH
Pages: 270-283
Number of pages: 14
ISBN (Print): 9783031558474
State: Published - 2024
Externally published: Yes
Event: 5th International Conference on Real Time Intelligent Systems, RTIS 2023 - Luton, United Kingdom
Duration: 9 Oct 2023 - 11 Oct 2023

Publication series

Name: Lecture Notes in Networks and Systems
Volume: 950 LNNS
ISSN (Print): 2367-3370
ISSN (Electronic): 2367-3389

Conference

Conference: 5th International Conference on Real Time Intelligent Systems, RTIS 2023
Country/Territory: United Kingdom
City: Luton
Period: 9/10/23 - 11/10/23

Keywords

  • Intrusion Detection System
  • Intrusion Response System
  • MAPE-K
  • cybersecurity
  • machine learning
