Using Contextual Security Policies for Threat Response

@inproceedings{Debar2006UsingCS,
  title={Using Contextual Security Policies for Threat Response},
  author={Herv{\'e} Debar and Yohann Thomas and Nora Cuppens-Boulahia and Fr{\'e}d{\'e}ric Cuppens},
  booktitle={DIMVA},
  year={2006}
}
With the apparition of accurate security monitoring tools, the gathered alerts are requiring operators to take action to prevent damage from attackers. Intrusion prevention currently provides isolated response mechanisms that may take a local action upon an attack. While this approach has been taken to enhance the security of particular network access control points, it does not constitute a comprehensive approach to threat response. In this paper, we will examine a new mechanism for adapting… CONTINUE READING
Highly Cited
This paper has 22 citations. REVIEW CITATIONS