Vidal's library
Title: A Methodology for Using Intelligent Agents to provide Automated Intrusion Response
Author: Curtis A. Carver Jr., John M.D. Hill, John R. Surdu, and Udo W. Pooch
Book Title: Proceedings of the IEEE Workshop on Information Assurance and Security
Year: 2000
Abstract: This paper proposes a new methodology for adaptive, automated intrusion response (IR) using software agents. The majority of intrusion response systems (IRSs) react to attacks by generating reports or alarms. This introduces a window of vulnerability between when an intrusion is detected and when action is taken to defend against the attack. Research by Cohen indicates that the success of an attack is dependent on the time gap between detection and response. If skilled attackers are given ten hours after they are detected and before a response, they will be successful 80% of the time. At thirty hours, the attacker almost never fails. The proposed methodology addresses this window of vulnerability by providing an automated response to incidents using a heterogeneous collection of software agents. These agents collaborate to protect the computer system against attack and adapt their response tactics until the system administrator can take an active role in the defense of the system.

Cited by 26  -  Google Scholar

@InProceedings{curtis00a,
  author =	 {Curtis A. Carver Jr. and John M.D. Hill and John
                  R. Surdu and Udo W. Pooch},
  title =	 {A Methodology for Using Intelligent Agents to
                  provide Automated Intrusion Response},
  googleid =	 {AVxwxdAeMAgJ:scholar.google.com/},
  booktitle =	 {Proceedings of the {IEEE} Workshop on Information
                  Assurance and Security},
  year =	 2000,
  abstract =	 {This paper proposes a new methodology for adaptive,
                  automated intrusion response (IR) using software
                  agents. The majority of intrusion response systems
                  (IRSs) react to attacks by generating reports or
                  alarms. This introduces a window of vulnerability
                  between when an intrusion is detected and when
                  action is taken to defend against the
                  attack. Research by Cohen indicates that the success
                  of an attack is dependent on the time gap between
                  detection and response. If skilled attackers are
                  given ten hours after they are detected and before a
                  response, they will be successful 80\% of the
                  time. At thirty hours, the attacker almost never
                  fails. The proposed methodology addresses this
                  window of vulnerability by providing an automated
                  response to incidents using a heterogeneous
                  collection of software agents. These agents
                  collaborate to protect the computer system against
                  attack and adapt their response tactics until the
                  system administrator can take an active role in the
                  defense of the system.},
  keywords =     {ai application security},
  url =
                  {http://www.itoc.usma.edu/marin/Wshop/Papers2000/TP1_1.pdf},
  citeseer =	 {carver00methodology.html},
  cluster = 	 {590005433200040961}
}
Last modified: Wed Mar 9 10:14:56 EST 2011