{"title":"与软件攻击和漏洞交互的函数式编程方法","authors":"V. Damjanovic, D. Djuric","doi":"10.1109/ICSTW.2010.53","DOIUrl":null,"url":null,"abstract":"This paper proposes using functional programming style in a way to respond to detection of and interaction with the software attacks and vulnerabilities. Additionally, our approach considers involving Description Logics, as a basis for the use of the Semantic Web and meta-programming to produce executable ontologies and to enable semantic reasoning over behavior and interaction with software attacks and vulnerabilities. Accordingly, we introduce Magic Potion, a recently defined Domain Specific meta-Language that uses Modeling Spaces framework to study heterogeneous modeling and meta-modeling problems inspired by Model Driven Architecture. As an example of formalism for modeling software attacks and vulnerabilities, we explore Attack Tree, which provides a formal methodology for analyzing the security of the system. Based on Attack Tree, which is herein specified for a particular problem of dealing with known attacks and vulnerabilities of the security layer of the Wireless Application Protocol, and which is particularly built on top of Magic Potion specification, we define our specific Domain Specific Language that we call Attack Tree Domain Specific Language. It is envisioned as a tool for modeling and interacting with software attacks and vulnerabilities.","PeriodicalId":117410,"journal":{"name":"2010 Third International Conference on Software Testing, Verification, and Validation Workshops","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-04-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Functional Programming Way to Interact with Software Attacks and Vulnerabilities\",\"authors\":\"V. Damjanovic, D. Djuric\",\"doi\":\"10.1109/ICSTW.2010.53\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper proposes using functional programming style in a way to respond to detection of and interaction with the software attacks and vulnerabilities. Additionally, our approach considers involving Description Logics, as a basis for the use of the Semantic Web and meta-programming to produce executable ontologies and to enable semantic reasoning over behavior and interaction with software attacks and vulnerabilities. Accordingly, we introduce Magic Potion, a recently defined Domain Specific meta-Language that uses Modeling Spaces framework to study heterogeneous modeling and meta-modeling problems inspired by Model Driven Architecture. As an example of formalism for modeling software attacks and vulnerabilities, we explore Attack Tree, which provides a formal methodology for analyzing the security of the system. Based on Attack Tree, which is herein specified for a particular problem of dealing with known attacks and vulnerabilities of the security layer of the Wireless Application Protocol, and which is particularly built on top of Magic Potion specification, we define our specific Domain Specific Language that we call Attack Tree Domain Specific Language. It is envisioned as a tool for modeling and interacting with software attacks and vulnerabilities.\",\"PeriodicalId\":117410,\"journal\":{\"name\":\"2010 Third International Conference on Software Testing, Verification, and Validation Workshops\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-04-06\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 Third International Conference on Software Testing, Verification, and Validation Workshops\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICSTW.2010.53\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 Third International Conference on Software Testing, Verification, and Validation Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSTW.2010.53","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Functional Programming Way to Interact with Software Attacks and Vulnerabilities
This paper proposes using functional programming style in a way to respond to detection of and interaction with the software attacks and vulnerabilities. Additionally, our approach considers involving Description Logics, as a basis for the use of the Semantic Web and meta-programming to produce executable ontologies and to enable semantic reasoning over behavior and interaction with software attacks and vulnerabilities. Accordingly, we introduce Magic Potion, a recently defined Domain Specific meta-Language that uses Modeling Spaces framework to study heterogeneous modeling and meta-modeling problems inspired by Model Driven Architecture. As an example of formalism for modeling software attacks and vulnerabilities, we explore Attack Tree, which provides a formal methodology for analyzing the security of the system. Based on Attack Tree, which is herein specified for a particular problem of dealing with known attacks and vulnerabilities of the security layer of the Wireless Application Protocol, and which is particularly built on top of Magic Potion specification, we define our specific Domain Specific Language that we call Attack Tree Domain Specific Language. It is envisioned as a tool for modeling and interacting with software attacks and vulnerabilities.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
