TY - GEN
T1 - Towards an Autonomous Response System. Case
T2 - 5th International Conference on Real Time Intelligent Systems, RTIS 2023
AU - Torres, Romina
AU - Cabrera, Mathías
N1 - Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.
PY - 2024
Y1 - 2024
AB - Intrusion Detection Systems and similar tools continuously update their rule sets to align with evolving attack techniques across monitored and protected infrastructures. However, the ever-evolving threat landscape presents a significant challenge, as not every intrusion attempt can be reliably captured. Even upon detection, the efficacy of intrusion mitigation hinges on the agility of the response team and the chosen actions. In this work, we propose the implementation of a machine learning-driven Intrusion Response System (IRS) using the MAPE-K feedback loop cycle. This architecture empowers autonomous protection for multiple client machines against denial of service attacks. Our approach leverages the power of machine learning to enhance detection accuracy and response timeliness, addressing the limitations of traditional rule-based systems. Our experimental results demonstrate promising outcomes. Particularly, our basic implementation of port management showcases robust performance against denial of service attacks. This research contributes to the advancement of proactive cybersecurity measures by harnessing the potential of machine learning in intrusion detection and response, ultimately bolstering the overall security posture of network infrastructures.
KW - Intrusion Detection System
KW - Intrusion Response System
KW - MAPE-K
KW - cybersecurity
KW - machine learning
UR - http://www.scopus.com/inward/record.url?scp=85189627930&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-55848-1_32
DO - 10.1007/978-3-031-55848-1_32
M3 - Conference contribution
AN - SCOPUS:85189627930
SN - 9783031558474
T3 - Lecture Notes in Networks and Systems
SP - 270
EP - 283
BT - Advances in Real-Time Intelligent Systems - Real-Time Intelligent Systems 2023
A2 - Pichappan, Pit
A2 - Rodriguez Jorge, Ricardo
A2 - Chung, Yao-Liang
PB - Springer Science and Business Media Deutschland GmbH
Y2 - 9 October 2023 through 11 October 2023
ER -