发布求助
文献互助 智能选刊 最新文献

Fourth IEEE International Workshop on Information Assurance (IWIA'06)最新文献

筛选
英文 中文
Modeling and execution of complex attack scenarios using interval timed colored Petri nets 使用间隔时间彩色Petri网的复杂攻击场景建模和执行
Fourth IEEE International Workshop on Information Assurance (IWIA'06) Pub Date : 2006-04-13 DOI: 10.1109/IWIA.2006.17
O. Dahl, S. Wolthusen
{"title":"Modeling and execution of complex attack scenarios using interval timed colored Petri nets","authors":"O. Dahl, S. Wolthusen","doi":"10.1109/IWIA.2006.17","DOIUrl":"https://doi.org/10.1109/IWIA.2006.17","url":null,"abstract":"The commonly used flaw hypothesis model (FHM) for performing penetration tests provides only limited, high level guidance for the derivation of actual penetration attempts. In this paper, a mechanism for the systematic modeling, simulation, and exploitation of complex multistage and multiagent vulnerabilities in networked and distributed systems based on stochastic and interval-timed colored Petri nets is described and analyzed through case studies elucidating several properties of Petri net variants and their suitability to modeling this type of attack","PeriodicalId":156960,"journal":{"name":"Fourth IEEE International Workshop on Information Assurance (IWIA'06)","volume":"103 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116193127","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 40
Active event correlation in Bro IDS to detect multi-stage attacks 主动事件关联在Bro IDS检测多阶段攻击
Fourth IEEE International Workshop on Information Assurance (IWIA'06) Pub Date : 2006-04-13 DOI: 10.1109/IWIA.2006.2
Bing Chen, Joohan Lee, A. Wu
{"title":"Active event correlation in Bro IDS to detect multi-stage attacks","authors":"Bing Chen, Joohan Lee, A. Wu","doi":"10.1109/IWIA.2006.2","DOIUrl":"https://doi.org/10.1109/IWIA.2006.2","url":null,"abstract":"Many recent computer attacks have been launched in multiple stages to evade the detection of existing intrusion detection systems (IDS). Some stages of the attack may appear innocent if checked separately. Furthermore, the intervals between these separate attack stages can be on the order of hours, days, or even months. These characteristics of multi-stage attacks make the detection task challenging for most existing IDSs that are stateless in that they perform intrusion detection by independently checking individual packets, connections or sessions. In this paper, we propose a novel approach, active event correlation (AEC), which collects and correlates suspicious network events inside a network intrusion detection system (NIDS). AEC infers the possibility of attacks in the context of security policies and blocks attacks before they are completed. We have implemented AEC on top of the Bro NIDS (Paxson, 1999). Experiments indicate that AEC can effectively recognize and correlate individual stages of multi-stage attacks, stop incomplete attack stages, and give network administrators meaningful and concise alerts","PeriodicalId":156960,"journal":{"name":"Fourth IEEE International Workshop on Information Assurance (IWIA'06)","volume":"103 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116485010","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 19
Ensuring compliance between policies, requirements and software design: a case study 确保策略、需求和软件设计之间的遵从性:一个案例研究
Fourth IEEE International Workshop on Information Assurance (IWIA'06) Pub Date : 2006-04-13 DOI: 10.1109/IWIA.2006.7
Q. He, Paul N. Otto, A. Antón, Laurie A. Jones
{"title":"Ensuring compliance between policies, requirements and software design: a case study","authors":"Q. He, Paul N. Otto, A. Antón, Laurie A. Jones","doi":"10.1109/IWIA.2006.7","DOIUrl":"https://doi.org/10.1109/IWIA.2006.7","url":null,"abstract":"Specifying correct and complete access control policies is essential to secure data and ensure privacy in information systems. Traditionally, policy specification has not been an explicit part of the software development process. This isolation of policy specification from software development often results in policies that are not in compliance with system requirements and/or organizational security and privacy policies, leaving the system vulnerable to data breaches. This paper presents the results and lessons learned from a case study that employs the Requirements-based Access Control Analysis and Policy Specification (ReCAPS) method to specify access control policies for a Web-based event registration system. The ReCAPS method aids software and security engineers in specifying access control policies derived from requirements specifications and other available sources. Our case study revealed that the ReCAPS method helps identify inconsistencies across various software artifacts, such as requirements specification, database design, and organizational security and privacy policies. Had these problems not been identified and resolved, they would have crippled later phases of software development, resulted in missing or incomplete system functionality, and compromised the system's security and privacy. This case study reinforces, validates, and extends our previous recommendations that access control policy specification should be an integral part of the software development process for information systems to achieve information assurance and improve the quality of the information system","PeriodicalId":156960,"journal":{"name":"Fourth IEEE International Workshop on Information Assurance (IWIA'06)","volume":"56 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131529644","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
POSEIDON: a 2-tier anomaly-based network intrusion detection system POSEIDON:基于异常的两层网络入侵检测系统
Fourth IEEE International Workshop on Information Assurance (IWIA'06) Pub Date : 2005-11-11 DOI: 10.1109/IWIA.2006.18
D. Bolzoni, S. Etalle, P. Hartel, E. Zambon
{"title":"POSEIDON: a 2-tier anomaly-based network intrusion detection system","authors":"D. Bolzoni, S. Etalle, P. Hartel, E. Zambon","doi":"10.1109/IWIA.2006.18","DOIUrl":"https://doi.org/10.1109/IWIA.2006.18","url":null,"abstract":"We present POSEIDON, a new anomaly-based network intrusion detection system. POSEIDON is payload-based, and has a two-tier architecture: the first stage consists of a self-organizing map, while the second one is a modified PAYL system. Our benchmarks on the 1999 DARPA data set show a higher detection rate and lower number of false positives than PAYL and PHAD","PeriodicalId":156960,"journal":{"name":"Fourth IEEE International Workshop on Information Assurance (IWIA'06)","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114893194","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 118
首页 上一页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信