A Model-Free Approach to Intrusion Response Systems

Journal of Information Security and Applications - Volume 66 - Page 103150 - 2022
Kieran Hughes, Kieran McLaughlin, Sakir Sezer
Centre for Secure Information Technologies, Queen's University Belfast, UK

References

Roesch, 1999, Snort - lightweight intrusion detection for networks
Somayaji, 2000, Automated response using system-call delays, 14
Roy, 2010, Cyber security analysis using attack countermeasure trees
Shameli-Sendi, 2015, ORCEF: online response cost evaluation framework for intrusion response system, J Netw Comput Appl, 55, 89, 10.1016/j.jnca.2015.05.004
Foo, 2005, Adaptive intrusion response using attack graphs in an e-commerce environment, 508
Chung, 2013, NICE: Network intrusion detection and countermeasure selection in virtual network systems, IEEE Trans Dependable Secur Comput, 10, 198, 10.1109/TDSC.2013.8
Shameli-Sendi, 2018, Dynamic optimal countermeasure selection for intrusion response system, IEEE Trans Dependable Secur Comput, 15, 755, 10.1109/TDSC.2016.2615622
Li, 2018, Automatic selection of security service function chaining using reinforcement learning
Zonouz, 2014, RRE: a game-theoretic intrusion response and recovery engine, IEEE Trans Parallel Distrib Syst, 25, 395, 10.1109/TPDS.2013.211
Iannucci, 2020, A model-integrated approach to designing self-protecting systems, IEEE Trans Softw Eng, 46, 1380, 10.1109/TSE.2018.2880218
Iannucci, 2020, A hybrid Model-free approach for the near-optimal intrusion response control of non-stationary systems, Futur Gener Comput Syst, 109, 111, 10.1016/j.future.2020.03.018
Zolotukhin, 2020, Reinforcement learning for attack mitigation in SDN-enabled networks
Miehling, 2015, Optimal defense policies for partially observable spreading processes on Bayesian attack graphs, 67
Gonzalez-Granadillo, 2015, Selecting optimal countermeasures for attacks against critical systems using the attack volume model and the RORI index, Comput Electr Eng, 47, 13, 10.1016/j.compeleceng.2015.07.023
Sutton, 1999, Reinforcement learning: an introduction, Robotica, 17, 229
Bellman, 1957, A Markovian decision process, Indiana Univ Math J, 6, 679, 10.1512/iumj.1957.6.56038
Schulman J., Wolski F., Dhariwal P., Radford A., Klimov O. Proximal policy optimization algorithms 2017. Accessible at: arxiv.org/abs/1707.06347.
Schulman, 2015, Trust region policy optimization, 3, 1889
Li, 2019, A dynamic decision-making approach for intrusion response in industrial control systems, IEEE Trans Ind Inform, 15, 2544, 10.1109/TII.2018.2866445
Rapid7. Metasploitable 2010 [online]. Accessible at: https://information.rapid7.com/download-metasploitable-2017.html Accessed February 10, 2021.
Iannucci, 2016, A probabilistic approach to autonomic security management, 157
Mateos, 2012, Definition of response metrics for an ontology-based automated intrusion response systems, Comput Electr Eng, 10.1016/j.compeleceng.2012.06.001
Sharma, 2019, Intrusion detection and response system inspired by the defense mechanism of plants, IEEE Access, 7, 52427, 10.1109/ACCESS.2019.2912114
Li, 2010, An ontology-based intrusion alerts correlation system, Expert Syst Appl, 37, 7138, 10.1016/j.eswa.2010.03.068
Ji, 2016, Attack-defense trees based cyber security analysis for CPSs, 693
Lin, 2018, Runtime semantic security analysis to detect and mitigate control-related attacks in power grids, IEEE Trans Smart Grid, 9, 163, 10.1109/TSG.2016.2547742
Iannucci, 2016, Abdelwahed S. High-performance intrusion response planning on many-core architectures, 1
Ring, 2017, Flow-based benchmark data sets for intrusion detection, 361
Montemaggio, 2020, Designing a methodological framework for the empirical evaluation of self-protecting systems, 218
Strom B.E., Miller D.P., Nickels K.C., Pennington A.G., Thomas C.B. 2018. MITRE ATT&CK: design and philosophy. Accessible at: https://attack.mitre.org/docs/ATTACK_Design_and_Philosophy_March_2020.pdf.