{"title":"基于组件的软件系统安全攻击与防御管理的本体框架","authors":"A. Vorobiev, Jun Han, N. Bekmamedova","doi":"10.1109/ASWEC.2008.25","DOIUrl":null,"url":null,"abstract":"Software systems become increasingly distributed, involving many independent and collaborating components working towards achieving system goals. At the same time, security attacks on these systems have also grown being more sophisticated and are quite difficult to identify and mitigate, in particular including distributed attacks. In this paper, we argue that one way to detect and resist against such attacks is through the collaboration of a system's constituent components. To achieve collaborative defense in a distributed component-based system, a common basis (vocabulary) is needed for the components to communicate and work with each other in detecting attacks and devising countermeasures. We adopt an ontological approach to establishing such a common base and introduce ontologies concerning security attacks and defenses. The ontologies specify the security concepts and their relationships in a way understandable to both humans and software agents. We use a case study involving Mitnick attacks to demonstrate how system components use the ontologies to detect and counter attacks.","PeriodicalId":231903,"journal":{"name":"19th Australian Conference on Software Engineering (aswec 2008)","volume":"39 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-03-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":"{\"title\":\"An Ontology Framework for Managing Security Attacks and Defences in Component Based Software Systems\",\"authors\":\"A. Vorobiev, Jun Han, N. Bekmamedova\",\"doi\":\"10.1109/ASWEC.2008.25\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software systems become increasingly distributed, involving many independent and collaborating components working towards achieving system goals. At the same time, security attacks on these systems have also grown being more sophisticated and are quite difficult to identify and mitigate, in particular including distributed attacks. In this paper, we argue that one way to detect and resist against such attacks is through the collaboration of a system's constituent components. To achieve collaborative defense in a distributed component-based system, a common basis (vocabulary) is needed for the components to communicate and work with each other in detecting attacks and devising countermeasures. We adopt an ontological approach to establishing such a common base and introduce ontologies concerning security attacks and defenses. The ontologies specify the security concepts and their relationships in a way understandable to both humans and software agents. We use a case study involving Mitnick attacks to demonstrate how system components use the ontologies to detect and counter attacks.\",\"PeriodicalId\":231903,\"journal\":{\"name\":\"19th Australian Conference on Software Engineering (aswec 2008)\",\"volume\":\"39 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-03-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"13\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"19th Australian Conference on Software Engineering (aswec 2008)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ASWEC.2008.25\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"19th Australian Conference on Software Engineering (aswec 2008)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ASWEC.2008.25","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An Ontology Framework for Managing Security Attacks and Defences in Component Based Software Systems
Software systems become increasingly distributed, involving many independent and collaborating components working towards achieving system goals. At the same time, security attacks on these systems have also grown being more sophisticated and are quite difficult to identify and mitigate, in particular including distributed attacks. In this paper, we argue that one way to detect and resist against such attacks is through the collaboration of a system's constituent components. To achieve collaborative defense in a distributed component-based system, a common basis (vocabulary) is needed for the components to communicate and work with each other in detecting attacks and devising countermeasures. We adopt an ontological approach to establishing such a common base and introduce ontologies concerning security attacks and defenses. The ontologies specify the security concepts and their relationships in a way understandable to both humans and software agents. We use a case study involving Mitnick attacks to demonstrate how system components use the ontologies to detect and counter attacks.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
