A Test-driven Action Verification Method for Intrusion Response Systems

Pushpinder Chouhan, Bronagh Lanigan, Alfie Beard, Luke Chen

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Internet of Things (IoT) applications are key targets for cyberattacks, which will cost $31bn by 2025. A considerable amount of research has been undertaken on detecting cyberattacks, mainly through Intrusion Detection Systems (IDS), which focus on detecting cyberattacks in real time. On the other hand, Intrusion Response Systems (IRS) deploy automated responses to mitigate detected attacks. IRSs use various techniques to select appropriate actions to detected attacks in order to mitigate against the effects of the attack. However, little attention has been paid to verifying the selected action before deployment. Deploying inappropriate actions can lead to unnecessary damage. Action verification ensures that actions and incidents are in agreement before deploying the actions for that specific incident. It also verifies that the selected actions are appropriate for the incident they’re linked with. In this paper, we propose a test-driven action verification method for action selection. Specifically, we characterize and explicitly model the impact of an attack and an action on the confidentiality, integrity and availability of a host. We then establish an action verification model to calculate action selection scores based on a carefully designed test. The approach is tested and evaluated in a real-world IoT scenario, and initial results demonstrate its effectiveness.
Original languageEnglish
Title of host publicationProceedings - 2023 IEEE International Conference on Metaverse Computing, Networking and Applications, MetaCom 2023
PublisherIEEE
Pages114-118
Number of pages5
ISBN (Electronic)979-8-3503-3333-6
ISBN (Print)979-8-3503-3334-3
DOIs
Publication statusPublished (in print/issue) - 6 Oct 2023

Publication series

NameProceedings - 2023 IEEE International Conference on Metaverse Computing, Networking and Applications, MetaCom 2023

Bibliographical note

Publisher Copyright:
© 2023 IEEE.

Keywords

  • Action verification
  • Cyberattacks
  • Cybersecurity
  • Internet of Things
  • Intrusion Response System
  • Knowledge-driven decision making
  • Test-driven analysis

Fingerprint

Dive into the research topics of 'A Test-driven Action Verification Method for Intrusion Response Systems'. Together they form a unique fingerprint.

Cite this