{"id":"https://openalex.org/W4292829559","doi":"https://doi.org/10.1145/3548636.3548649","title":"An Attack Impact and Host Importance based Approach to Intrusion Response Action Selection","display_name":"An Attack Impact and Host Importance based Approach to Intrusion Response Action Selection","publication_year":2022,"publication_date":"2022-06-23","ids":{"openalex":"https://openalex.org/W4292829559","doi":"https://doi.org/10.1145/3548636.3548649"},"language":"en","primary_location":{"id":"doi:10.1145/3548636.3548649","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3548636.3548649","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3548636.3548649","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 4th International Conference on Information Technology and Computer Communications (ITCC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3548636.3548649","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5050206092","display_name":"Tazar Hussain","orcid":"https://orcid.org/0000-0001-6380-5584"},"institutions":[{"id":"https://openalex.org/I138801177","display_name":"University of Ulster","ror":"https://ror.org/01yp9g959","country_code":"GB","type":"education","lineage":["https://openalex.org/I138801177"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Tazar Hussain","raw_affiliation_strings":["School of Computing, Ulster University, UK"],"affiliations":[{"raw_affiliation_string":"School of Computing, Ulster University, UK","institution_ids":["https://openalex.org/I138801177"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021247547","display_name":"Chris Nugent","orcid":"https://orcid.org/0000-0003-0882-7902"},"institutions":[{"id":"https://openalex.org/I138801177","display_name":"University of Ulster","ror":"https://ror.org/01yp9g959","country_code":"GB","type":"education","lineage":["https://openalex.org/I138801177"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Chris Nugent","raw_affiliation_strings":["School of Computing, Ulster University, UK"],"affiliations":[{"raw_affiliation_string":"School of Computing, Ulster University, UK","institution_ids":["https://openalex.org/I138801177"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100361707","display_name":"Jun Liu","orcid":"https://orcid.org/0000-0001-8859-5405"},"institutions":[{"id":"https://openalex.org/I138801177","display_name":"University of Ulster","ror":"https://ror.org/01yp9g959","country_code":"GB","type":"education","lineage":["https://openalex.org/I138801177"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Jun Liu","raw_affiliation_strings":["School of Computing, Ulster University, UK"],"affiliations":[{"raw_affiliation_string":"School of Computing, Ulster University, UK","institution_ids":["https://openalex.org/I138801177"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003031539","display_name":"Alfie Beard","orcid":"https://orcid.org/0000-0003-0831-9078"},"institutions":[{"id":"https://openalex.org/I14689143","display_name":"BT Research","ror":"https://ror.org/03308db07","country_code":"GB","type":"facility","lineage":["https://openalex.org/I1332878012","https://openalex.org/I14689143"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Alfie Beard","raw_affiliation_strings":["BT Labs, Adastral Park, UK"],"affiliations":[{"raw_affiliation_string":"BT Labs, Adastral Park, UK","institution_ids":["https://openalex.org/I14689143"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100443536","display_name":"Liming Chen","orcid":"https://orcid.org/0000-0003-0200-7989"},"institutions":[{"id":"https://openalex.org/I138801177","display_name":"University of Ulster","ror":"https://ror.org/01yp9g959","country_code":"GB","type":"education","lineage":["https://openalex.org/I138801177"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Liming Chen","raw_affiliation_strings":["School of Computing, Ulster University, UK"],"affiliations":[{"raw_affiliation_string":"School of Computing, Ulster University, UK","institution_ids":["https://openalex.org/I138801177"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5012861339","display_name":"Adrian Moore","orcid":"https://orcid.org/0000-0001-6545-3228"},"institutions":[{"id":"https://openalex.org/I138801177","display_name":"University of Ulster","ror":"https://ror.org/01yp9g959","country_code":"GB","type":"education","lineage":["https://openalex.org/I138801177"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Adrian Moore","raw_affiliation_strings":["School of Computing, Ulster University, UK"],"affiliations":[{"raw_affiliation_string":"School of Computing, Ulster University, UK","institution_ids":["https://openalex.org/I138801177"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5050206092"],"corresponding_institution_ids":["https://openalex.org/I138801177"],"apc_list":null,"apc_paid":null,"fwci":0.2854,"has_fulltext":true,"cited_by_count":2,"citation_normalized_percentile":{"value":0.57559454,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"84","last_page":"91"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.823257327079773},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7083142399787903},{"id":"https://openalex.org/keywords/host","display_name":"Host (biology)","score":0.6536306142807007},{"id":"https://openalex.org/keywords/testbed","display_name":"Testbed","score":0.649169921875},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.49253568053245544},{"id":"https://openalex.org/keywords/domain","display_name":"Domain (mathematical analysis)","score":0.4842216968536377},{"id":"https://openalex.org/keywords/attack-patterns","display_name":"Attack patterns","score":0.47928041219711304},{"id":"https://openalex.org/keywords/prioritization","display_name":"Prioritization","score":0.4786887764930725},{"id":"https://openalex.org/keywords/selection","display_name":"Selection (genetic algorithm)","score":0.459760844707489},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4353589713573456},{"id":"https://openalex.org/keywords/security-domain","display_name":"Security domain","score":0.41335228085517883},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.4132641553878784},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.38507720828056335},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.13764193654060364}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.823257327079773},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7083142399787903},{"id":"https://openalex.org/C126831891","wikidata":"https://www.wikidata.org/wiki/Q221673","display_name":"Host (biology)","level":2,"score":0.6536306142807007},{"id":"https://openalex.org/C31395832","wikidata":"https://www.wikidata.org/wiki/Q1318674","display_name":"Testbed","level":2,"score":0.649169921875},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.49253568053245544},{"id":"https://openalex.org/C36503486","wikidata":"https://www.wikidata.org/wiki/Q11235244","display_name":"Domain (mathematical analysis)","level":2,"score":0.4842216968536377},{"id":"https://openalex.org/C2780741293","wikidata":"https://www.wikidata.org/wiki/Q4818019","display_name":"Attack patterns","level":3,"score":0.47928041219711304},{"id":"https://openalex.org/C2777615720","wikidata":"https://www.wikidata.org/wiki/Q11888847","display_name":"Prioritization","level":2,"score":0.4786887764930725},{"id":"https://openalex.org/C81917197","wikidata":"https://www.wikidata.org/wiki/Q628760","display_name":"Selection (genetic algorithm)","level":2,"score":0.459760844707489},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4353589713573456},{"id":"https://openalex.org/C2780264999","wikidata":"https://www.wikidata.org/wiki/Q7445032","display_name":"Security domain","level":2,"score":0.41335228085517883},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.4132641553878784},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.38507720828056335},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.13764193654060364},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C539667460","wikidata":"https://www.wikidata.org/wiki/Q2414942","display_name":"Management science","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3548636.3548649","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3548636.3548649","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3548636.3548649","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 4th International Conference on Information Technology and Computer Communications (ITCC)","raw_type":"proceedings-article"},{"id":"pmh:oai:pure.atira.dk:openaire/0781de38-be31-41cb-bd0c-14f4a2c567e6","is_oa":true,"landing_page_url":"https://pure.ulster.ac.uk/en/publications/0781de38-be31-41cb-bd0c-14f4a2c567e6","pdf_url":null,"source":{"id":"https://openalex.org/S4306402454","display_name":"Ulster University Research Portal (Ulster University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I138801177","host_organization_name":"University of Ulster","host_organization_lineage":["https://openalex.org/I138801177"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Hussain, T, Nugent, C, Liu, J, Beard, A, Chen, L & Moore, A 2022, An Attack Impact and Host Importance based Approach to Intrusion Response Action Selection. in ITCC '22: Proceedings of the 4th International Conference on Information Technology and Computer Communications. ACM International Conference Proceeding Series, Association for Computing Machinery, pp. 84-91, ITCC 2022: 2022 4th International Conference on Information Technology and Computer Communications , Guangzhou , China, 23/06/22. https://doi.org/10.1145/3548636.3548649","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:pure.atira.dk:publications/0781de38-be31-41cb-bd0c-14f4a2c567e6","is_oa":true,"landing_page_url":"http://www.scopus.com/inward/record.url?scp=85137591898&partnerID=8YFLogxK","pdf_url":null,"source":{"id":"https://openalex.org/S4306402454","display_name":"Ulster University Research Portal (Ulster University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I138801177","host_organization_name":"University of Ulster","host_organization_lineage":["https://openalex.org/I138801177"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Hussain, T, Nugent, C, Liu, J, Beard, A, Chen, L & Moore, A 2022, An Attack Impact and Host Importance based Approach to Intrusion Response Action Selection. in ITCC '22: Proceedings of the 4th International Conference on Information Technology and Computer Communications. ACM International Conference Proceeding Series, Association for Computing Machinery, pp. 84-91, ITCC 2022: 2022 4th International Conference on Information Technology and Computer Communications , Guangzhou , China, 23/06/22. https://doi.org/10.1145/3548636.3548649","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":{"id":"doi:10.1145/3548636.3548649","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3548636.3548649","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3548636.3548649","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 4th International Conference on Information Technology and Computer Communications (ITCC)","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.7699999809265137,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G4454715108","display_name":null,"funder_award_id":"BTIIC","funder_id":"https://openalex.org/F4320314204","funder_display_name":"Invest Northern Ireland"}],"funders":[{"id":"https://openalex.org/F4320314204","display_name":"Invest Northern Ireland","ror":"https://ror.org/00qnrsq87"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4292829559.pdf","grobid_xml":"https://content.openalex.org/works/W4292829559.grobid-xml"},"referenced_works_count":24,"referenced_works":["https://openalex.org/W243614003","https://openalex.org/W251082572","https://openalex.org/W344488431","https://openalex.org/W2002907052","https://openalex.org/W2132850642","https://openalex.org/W2419072884","https://openalex.org/W2490447569","https://openalex.org/W2527760048","https://openalex.org/W2550694155","https://openalex.org/W2600058599","https://openalex.org/W2735592277","https://openalex.org/W2772356386","https://openalex.org/W2773235317","https://openalex.org/W2789828921","https://openalex.org/W2905097561","https://openalex.org/W2980576170","https://openalex.org/W2990837077","https://openalex.org/W3014059767","https://openalex.org/W3083463474","https://openalex.org/W3109938540","https://openalex.org/W3143304050","https://openalex.org/W4229670006","https://openalex.org/W4235364441","https://openalex.org/W4237125779"],"related_works":["https://openalex.org/W2883256816","https://openalex.org/W2171408034","https://openalex.org/W3003320923","https://openalex.org/W2106140982","https://openalex.org/W2152313554","https://openalex.org/W2064303750","https://openalex.org/W2168341697","https://openalex.org/W4366978761","https://openalex.org/W1983685006","https://openalex.org/W2982492644"],"abstract_inverted_index":{"Selecting":[0],"appropriate":[1,104,166],"actions":[2,206],"is":[3,27,35,82,189],"crucial":[4],"for":[5],"building":[6],"effective":[7,54],"Intrusion":[8,185],"Response":[9,186],"Systems":[10],"(IRS)":[11],"that":[12,157],"can":[13],"counter":[14],"intrusions":[15,26],"according":[16,169],"to":[17,123,164,170,196,200,204],"their":[18],"priority":[19,23,172],"level.":[20],"Currently,":[21],"the":[22,43,73,97,146,149,158,171,181],"level":[24,173],"of":[25,46,72,91,109,116,128,135,141,148,174,180],"determined":[28],"manually,":[29],"in":[30,70,114,133],"a":[31,85,89,178,183],"static":[32],"manner,":[33],"which":[34],"time":[36],"consuming,":[37],"ineffective":[38],"and":[39,65,76,100,120,125,143],"cannot":[40],"scale":[41],"with":[42,103],"growing":[44],"number":[45,140],"attacks.":[47],"In":[48,191],"this":[49,202],"paper":[50],"we":[51,194],"present":[52],"an":[53],"event":[55],"prioritization":[56],"methodology":[57,182],"by":[58],"encoding":[59],"domain":[60,98],"knowledge,":[61],"namely":[62],"attack":[63,112],"impact":[64,113],"host":[66,131],"importance,":[67],"into":[68],"features":[69,93,110,129,160],"terms":[71,115,134],"confidentiality,":[74],"integrity":[75],"availability":[77],"(CIA).":[78],"The":[79,152],"proposed":[80],"approach":[81],"demonstrated":[83],"using":[84],"testbed":[86],"architecture":[87],"where":[88],"total":[90],"six":[92],"are":[94,101],"generated":[95,159],"from":[96],"knowledge":[99],"labeled":[102],"response":[105,167],"options.":[106],"One":[107],"set":[108,127],"encodes":[111,130],"its":[117,121],"potential":[118],"damage":[119],"ability":[122],"propagate":[124],"another":[126],"importance":[132],"data":[136],"sensitivity,":[137],"service":[138],"criticality,":[139],"connections":[142],"vulnerabilities":[144],"on":[145],"basis":[147],"CIA":[150],"factors.":[151],"case":[153],"study":[154],"results":[155],"indicate":[156],"help":[161],"security":[162],"analysts":[163],"select":[165],"options":[168],"events.":[175],"Additionally,":[176],"as":[177],"result":[179],"labelled":[184],"(IR)":[187],"dataset":[188,203],"generated.":[190],"future":[192],"work":[193],"aim":[195],"use":[197],"machine":[198],"learning":[199],"analyze":[201],"infer":[205],"automatically.":[207]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}