The integration of Software Fault Trees (SFTs), which describe intrusions, and Coloured Petri Nets (CPNs), which specify design, is examined for an Intrusion Detection System (IDS). The IDS under development is a collection of mobile agents that detect, classify, and correlate system and network activities. SFTs, augmented with nodes that describe trust, temporal and contextual relationships, are used to describe intrusions. CPNs for intrusion detection are built using CPN templates created from the augmented SFTs. Hierarchical CPNs are created to detect critical stages of intrusions. The agent-based implementation of the IDS is then constructed from the CPNs. Examples of intrusions and descriptions of the prototype implementation are used to demonstrate how the CPN approach has been used in the development of the IDS. The main contribution of this paper is an approach to the systematic specification, design and implementation of an IDS. Innovations include (1) using stages of intrusions to structure the specification and design of the IDS; (2) augmentation of SFTs with trust, temporal and contextual nodes to model intrusions; (3) algorithmic construction of CPNs from augmented SFTs; and (4) generation of mobile agents from CPNs.