S.Sheela, T.Rajasundari
The numbers of users sharing sensitive information are increasing day by day which is highly vulnerable to various attacks and may be exploited. Analyzing and securing the information flow is a great challenge faced by most of the user in an organization. Intrusion Detection Systems usually generates number of alert messages by the sensing devices, IDSs whenever malicious activities are detected. In this paper, security evaluation framework that handles low-level IDS alerts and system security measure selection mechanism is proposed based on this how crucial they are for the organization. Seclius framework includes three phases as: Alert generation phase, Consequence Tree construction phase and Dependency graph generation phase. In the alert generation, the security requirements are located in the administrator server. If any malicious activity is detected, the seclius framework going to generate an alert based on the security measures of all systems in an organization. Consequence Tree is manually defined for capture the critical assets and organizational security requirements. The Dependency graph provides system learning process and going to free the administrator work.