An Ontology Framework for Managing Security Attacks and Defences in Component Based Software Systems

19th Australian Conference on Software Engineering (aswec 2008) Pub Date : 2008-03-26 DOI:10.1109/ASWEC.2008.25

A. Vorobiev, Jun Han, N. Bekmamedova

{"title":"An Ontology Framework for Managing Security Attacks and Defences in Component Based Software Systems","authors":"A. Vorobiev, Jun Han, N. Bekmamedova","doi":"10.1109/ASWEC.2008.25","DOIUrl":null,"url":null,"abstract":"Software systems become increasingly distributed, involving many independent and collaborating components working towards achieving system goals. At the same time, security attacks on these systems have also grown being more sophisticated and are quite difficult to identify and mitigate, in particular including distributed attacks. In this paper, we argue that one way to detect and resist against such attacks is through the collaboration of a system's constituent components. To achieve collaborative defense in a distributed component-based system, a common basis (vocabulary) is needed for the components to communicate and work with each other in detecting attacks and devising countermeasures. We adopt an ontological approach to establishing such a common base and introduce ontologies concerning security attacks and defenses. The ontologies specify the security concepts and their relationships in a way understandable to both humans and software agents. We use a case study involving Mitnick attacks to demonstrate how system components use the ontologies to detect and counter attacks.","PeriodicalId":231903,"journal":{"name":"19th Australian Conference on Software Engineering (aswec 2008)","volume":"39 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-03-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"19th Australian Conference on Software Engineering (aswec 2008)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ASWEC.2008.25","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 13

Abstract

Software systems become increasingly distributed, involving many independent and collaborating components working towards achieving system goals. At the same time, security attacks on these systems have also grown being more sophisticated and are quite difficult to identify and mitigate, in particular including distributed attacks. In this paper, we argue that one way to detect and resist against such attacks is through the collaboration of a system's constituent components. To achieve collaborative defense in a distributed component-based system, a common basis (vocabulary) is needed for the components to communicate and work with each other in detecting attacks and devising countermeasures. We adopt an ontological approach to establishing such a common base and introduce ontologies concerning security attacks and defenses. The ontologies specify the security concepts and their relationships in a way understandable to both humans and software agents. We use a case study involving Mitnick attacks to demonstrate how system components use the ontologies to detect and counter attacks.

查看原文本刊更多论文

基于组件的软件系统安全攻击与防御管理的本体框架

软件系统变得越来越分散，涉及到许多独立的和协作的组件，以实现系统目标。与此同时，对这些系统的安全攻击也变得越来越复杂，很难识别和缓解，特别是包括分布式攻击。在本文中，我们认为检测和抵抗此类攻击的一种方法是通过系统组成组件的协作。为了在基于分布式组件的系统中实现协同防御，组件之间需要有一个共同的基础(词汇表)来进行通信，并在检测攻击和设计对策时相互协作。我们采用本体论的方法来建立这样的公共基础，并引入有关安全攻击和防御的本体论。本体以人类和软件代理都能理解的方式指定安全概念及其关系。我们使用一个涉及Mitnick攻击的案例研究来演示系统组件如何使用本体来检测和反击攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

19th Australian Conference on Software Engineering (aswec 2008)

自引率

0.00%

发文量