Dear all, We are working on a method to support automated intrusion response by
computing the lowest cost response to deploy. The goal is to account for varying system environments, response capabilities, and intrusion severities, and to compute the response quickly enough to permit an automated system to take near real time action. As part of our evaluation of this method, we have a small simulation of our selection model that we'd like to invite you to try. We would like to gauge the "intuitiveness" of our approach by asking experienced people if the selected responses are what they expect, and determine if there are other response-selection factors which we are not taking in to account. Instructions for using the Java-applet simulation are available at: https://strasnet.dnsalias.net/ equationDataGenServlet/ The first time you access the page, you may be prompted about an invalid SSL certificate. It is using a self-signed certificate, so just accept it to continue to the site. To load the applet you'll need to have java version 1.5 or higher. There are a couple of example files to start from, but feel free to make changes or setup other systems as desired. To run through the sample XML files as-is should take < 15-20 minutes. If you would like your comments and results included in our research, please go through within the next week or so. Results will be posted at https://strasnet.dnsalias.net/ equationDataGenServlet/ Thanks, we look forward to getting your feedback! If you have any questions, please feel free to contact me at [email protected] Natalia Stakhanova
