Ontologies-Based Automated Intrusion Response System

Authors: Verónica Mateos Lanchas, Víctor A. Villagrá González, Francisco Romero Bueno

DOI: 10.1007/978-3-642-16626-6_11

Keywords: Engineering; Systems architecture; Network security; Host-based intrusion detection system; Mobile agent; Data mining; Intrusion detection system; Inference; Anomaly-based intrusion detection system; Process (engineering)

Abstract: Automated intrusion response is an important problem in network security. Several Automated Intrusion Response Systems (AIRS) have been proposed to take over that task, but current proposals have limitations related to their adaptability to different sources, since they do not take into account the semantic of the alerts coming from different Intrusion Detection Systems, with different formats and syntaxes. To solve this problem, this paper proposes an architecture for an AIRS based on ontologies, formal behavior specification languages and reasoning mechanisms, which automatically infers and executes the optimum action when different security-events detection sources detect security intrusions. This paper describes the system architecture as well as the inference process of the recommended responses.
