An Architecture for Automatic and Adaptive Defense

<p>Network attacks have become so fast that human mitigation cannot cope with security requirements. In addition, attackers have become smarter by creating attacks which mutate themselves to prevent detection. Therefore, defense mechanisms must be automated to keep up with attack speed and adapted to seek out mutations. An architecture to support this trend in defense mechanisms is proposed here. The architecture is based upon three conceptual pillars. First is the use of a multi-feedback loop control to slow down an attack. Second, machine learning concepts are employed to properly distinguish between normal and abnormal e-attack traffic. And, third, trust and reputation levels are determined through social networks. A case study on the application of the proposed architecture to a worm propagation attack provides the initial evidence of the e-attack and applicability of the approach.</p>