Authors: W. Yan, Fang Liu
Venue: 2004 IEEE International Workshop on IP Operations and Management
Publication date: 2004-10-11
Publication type: Journal Article
DOI: 10.1109/IPOM.2004.1547600 (https://doi.org/10.1109/IPOM.2004.1547600)
Citation count: 2
Source platform: Semanticscholar
Semantic scheme to extract attack strategies for Web service network security
In recent years, Web technologies have been used to provide an interface to distributed services. The advent of computer networks has accelerated this development and has sparked the emergence of numerous environments that enable Web services. However, computer network security against distributed denial of service (DDoS) attacks is attracting more attention. The overwhelming number of alerts generated by intrusion detection systems makes it hard for the security administrator to analyze them and extract the attack strategies, which hampers the performance of attack detection. One method to resolve the problem is attack scenario extraction. In this paper, we propose a novel way to correlate the alerts and extract the attack scenarios. The modified case grammar, principal-subordinate consequence tagging case grammar and the alert semantic network are used to generate the attack classes. Alert mutual information is also applied to calculate the size of the alert semantic context window. Afterwards, based on the alert context, the attack instances are extracted.