Research Article
A Retroactive-Burst Framework for Automated Intrusion Response System
Table 2
Policies for dynamic response level selection.
| | Policy | RC.index | Selected Level |
| | P1 = There is not any information in plans_history | low | 1 | | Medium | 1 | | High | 2 | | P2 = (There is related information in plans_history) and (Previous status was successful) and (Time of previous run is far to current time) | Low | current_level | | Medium | current_level | | High | current_level + 1 | | P3 = (There is related information in plans_history) and (Previous status was successful) and (Time of previous run is near to current time) | Low | current_level | | Medium | current_level + 1 | | High | current_level + 2 | | P4 = (There is related information in plans_history) and (Previous status was not successful) and (Time of previous run is far to current time) | Low | current_level + 1 | | Medium | current_level + 2 | | High | current_level + 3 | | P5 = (There is related information in plans_history) and (Previous status was not successful) and (Time of previous run is near to current time) | Low | current_level + 2 | | Medium | last_level | | High | last_level |
|
|
