{"title":"异构入侵检测系统的签名交换模型","authors":"Dwen-Ren Tsai, Chien-Ning Huang","doi":"10.1109/CCST.2009.5335528","DOIUrl":null,"url":null,"abstract":"In this paper, we propose an UML-based generic format set of intrusion signatures for heterogeneous intrusion detecting systems (IDSs) via analyzing signature formats of three popular IDS products. We also propose an attack signature exchange model of heterogeneous IDSs. With this model, an attack signature generated by one IDS could be adopted by different IDSs easily. The proposed XML-based generic signature format set is designed to be extensible, and therefore it should be easy to incorporate new features in the future. When a software vendor releases its software patch packages together with the signatures addressing the potential attacks, the signatures detected can be easily and promptly included into IDSs reported from different vendors using this model.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"11 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"A signature exchange model for heterogeneous intrusion detection systems\",\"authors\":\"Dwen-Ren Tsai, Chien-Ning Huang\",\"doi\":\"10.1109/CCST.2009.5335528\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this paper, we propose an UML-based generic format set of intrusion signatures for heterogeneous intrusion detecting systems (IDSs) via analyzing signature formats of three popular IDS products. We also propose an attack signature exchange model of heterogeneous IDSs. With this model, an attack signature generated by one IDS could be adopted by different IDSs easily. The proposed XML-based generic signature format set is designed to be extensible, and therefore it should be easy to incorporate new features in the future. When a software vendor releases its software patch packages together with the signatures addressing the potential attacks, the signatures detected can be easily and promptly included into IDSs reported from different vendors using this model.\",\"PeriodicalId\":117285,\"journal\":{\"name\":\"43rd Annual 2009 International Carnahan Conference on Security Technology\",\"volume\":\"11 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-11-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"43rd Annual 2009 International Carnahan Conference on Security Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CCST.2009.5335528\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"43rd Annual 2009 International Carnahan Conference on Security Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCST.2009.5335528","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A signature exchange model for heterogeneous intrusion detection systems
In this paper, we propose an UML-based generic format set of intrusion signatures for heterogeneous intrusion detecting systems (IDSs) via analyzing signature formats of three popular IDS products. We also propose an attack signature exchange model of heterogeneous IDSs. With this model, an attack signature generated by one IDS could be adopted by different IDSs easily. The proposed XML-based generic signature format set is designed to be extensible, and therefore it should be easy to incorporate new features in the future. When a software vendor releases its software patch packages together with the signatures addressing the potential attacks, the signatures detected can be easily and promptly included into IDSs reported from different vendors using this model.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
