Abstract: In today's life the internet user population are very increased that why the user face of fast-spreading intrusion. The intrusion detection possible not only detection algorithms, but also it required the special tool hence we create a new tool that is intrusion response and recovery in short RRE tool. In this paper, we propose a new product this product can do the automated response the intrusion this is called the Response and Recovery Engine (RRE). Our engine employs a user data transaction response strategy against adversaries modeled as opponents in a two-user stochastic transaction. Our software whose name is RRE involves attack-response trees to response the attacker and analyzes undesired security events and their countermeasures using Boolean logic to combine lower-level attack consequences. In addition, RRE database involve only the users data those who registered in the RRE. The product involves the intrusion detection system which detects the intrusion in Boolean form. RRE then correct option to take optimal response actions by solving a partially overt competitive Markov decision process that is automatically derived from attack-response trees. Experimental results show that RRE, using the Snort’s alerts, the snorts alert can provide the security for networks for which assailment-replication trees have more than 500 nodes.

Keywords: Response and Recovery Engine (RRE), IP fragmentation, SMTP mass mailing, DoS attacks.