Detecting intrusions specified in a software specification language

29th Annual International Computer Software and Applications Conference (COMPSAC'05) Pub Date : 2005-07-26 DOI:10.1109/COMPSAC.2005.69

M. Raihan, Mohammad Zulkernine

{"title":"Detecting intrusions specified in a software specification language","authors":"M. Raihan, Mohammad Zulkernine","doi":"10.1109/COMPSAC.2005.69","DOIUrl":null,"url":null,"abstract":"To protect software against malicious activities, organizations are required to monitor security breaches. Intrusion detection systems (IDS) are those kinds of monitoring tools that have gained a considerable amount of popularity, A number of specification-based IDSs have been proposed, where security requirements or attack scenarios are specified using some languages. Currently, attack specification languages are being deployed for describing security requirements. Use of two different languages for software specification and security specification invites a number of unwanted but complicated issues, such as duplication of requirements specification effort as well as the existence of redundant and conflicting requirements. In this paper, we present an intrusion detection technique that uses a formal software specification language called abstract state machine language (AsmL) for the specification of security requirements. We present a framework, and develop the algorithm for the IDS that interprets the AsmL attack scenario specifications in order to detect intrusions. Moreover, we discuss case studies where the presented intrusion detection system is used to detect attacks.","PeriodicalId":419267,"journal":{"name":"29th Annual International Computer Software and Applications Conference (COMPSAC'05)","volume":"63 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"29th Annual International Computer Software and Applications Conference (COMPSAC'05)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/COMPSAC.2005.69","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 13

Abstract

To protect software against malicious activities, organizations are required to monitor security breaches. Intrusion detection systems (IDS) are those kinds of monitoring tools that have gained a considerable amount of popularity, A number of specification-based IDSs have been proposed, where security requirements or attack scenarios are specified using some languages. Currently, attack specification languages are being deployed for describing security requirements. Use of two different languages for software specification and security specification invites a number of unwanted but complicated issues, such as duplication of requirements specification effort as well as the existence of redundant and conflicting requirements. In this paper, we present an intrusion detection technique that uses a formal software specification language called abstract state machine language (AsmL) for the specification of security requirements. We present a framework, and develop the algorithm for the IDS that interprets the AsmL attack scenario specifications in order to detect intrusions. Moreover, we discuss case studies where the presented intrusion detection system is used to detect attacks.

查看原文本刊更多论文

检测以软件规范语言指定的入侵

为了保护软件免受恶意活动的侵害，组织需要监控安全漏洞。入侵检测系统(IDS)是一种非常受欢迎的监控工具，已经提出了许多基于规范的入侵检测系统，其中使用某些语言指定了安全需求或攻击场景。目前，正在部署攻击规范语言来描述安全需求。在软件规范和安全规范中使用两种不同的语言会引起许多不必要的但复杂的问题，例如需求规范工作的重复以及冗余和冲突需求的存在。在本文中，我们提出了一种入侵检测技术，该技术使用一种称为抽象状态机语言(AsmL)的正式软件规范语言来规范安全需求。我们提出了一个框架，并开发了IDS的算法，该算法解释了AsmL攻击场景规范，以检测入侵。此外，我们还讨论了使用所提出的入侵检测系统检测攻击的案例研究。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

29th Annual International Computer Software and Applications Conference (COMPSAC'05)

自引率

0.00%

发文量