response risk measurements

[ndubrov () cs iastate edu]

I'm a computer science student currently working on the active intrusion
response. I'm looking for the metrics for accessing response risks,
specifically the potential damage that a specific response can cause to the
system in terms of unavailability of resources, services, disruptiveness to the
legitimate users and so on.  I was wondering if anyone knows of any metrics for
quantifying those somehow for the purpose of intrusion detection and response.
I'm especially interested in the industry practice. Thank you!
Natalia Stakhanova



------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------