Network connectivity exposes the network infrastructure and assets to
vulnerabilities that attackers can exploit. Protecting network assets against
attacks requires the application of security countermeasures. Nevertheless,
employing countermeasures incurs costs, such as monetary costs, along with time
and energy to prepare and deploy the countermeasures. Thus, an Intrusion
Response System (IRS) shall consider security and QoS costs when dynamically
selecting the countermeasures to address the detected attacks. This has
motivated us to formulate a joint Security-vs-QoS optimization problem to
select the best countermeasures in an IRS. The problem is then transformed into
a matching game-theoretical model. Considering the monetary costs and attack
coverage constraints, we first derive the theoretical upper bound for the
problem and later propose stable matching-based solutions to address the
trade-off. The performance of the proposed solution, considering different
settings, is validated over a series of simulations.
Dedicated Forum to help removing adware, malware, spyware, ransomware, trojans, viruses and more!
