Intrusion Response Systems: Foundations, Design, and Challenges

In the last few decades, various network attacks have emerged. This phenomenon requires serious consideration to address its extensive consequences. To overcome the effects of network attacks, an appropriate intrusion detection system and a real-time intrusion response system are required. In this paper, we present an IRS taxonomy based on design parameters to classify existing schemes. Furthermore, we investigate the essential response design parameters for IRS to mitigate attacks in real time and obtain a robust output. The majority of existing schemes disregard the importance of semantic coherence and dynamic response parameters in the response selection process. Therefore, most existing schemes produce inaccurate results by generating false alarms. These design parameters are comprehensively discussed in this paper. We have qualitatively analyzed existing IRS schemes on the basis of the response design parameters. Open research challenges are identified to highlight key research areas in this research domain.