An Architecture for Automatic and Adaptive Defense

Network attacks have become so fast that human mitigation does not cope with security requirements. In addition, attacks are done in a smarter way mutating itself to prevent detection. Therefore, defense mechanisms must be automatic to comply with attack speed and adaptive to comply with their mutation. An architecture to support this trend in defense mechanisms is proposed here. The architecture is based upon three conceptual pillars. The rst is based on the use of a multi-feedback loop control to slow down an attack. The second lies on machine learning concepts to properly distinguish between normal e attack trafc. Finally, social network provides the mechanisms to determine trust and reputation levels of network elements. A case study on the application of the proposed architecture to a worm propagation attack provides the initial evidence of the efcac y and applicability of the approach.