13.6. Benchmarking Intrusion Response Systems

It is important to benchmark any IRS using quantifiable metrics. This is a nascent field within IRS design and development and one which needs significant work to get to maturity. Hence, this section is based around a suggested course of action for future development and an example from an existing IRS, ADEPTS. The metrics should capture the two essential goals of IRSs: to provide gracefully degraded functionality in the presence of attacks and to make a system more robust to future attacks. These two notions are addressed respectively by the metrics survivability and vulnerability.

One commonly accepted definition of survivability is the capacity of a system to provide essential services in the face ...

Get Information Assurance now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.