The paper presents an approach and formal framework for modeling attacks against computer networks, and its software implementation based on a multi-agent architecture. An attack is modeled as a complex contest between adversarial entities: a malefactor or team of malefactors on the one hand, and the network security system implementing a security policy on the other. The paper focuses on the conceptual justification of the chosen approach, the specification of the basic components of the attack model, and the formal frameworks for specifying those components and their interaction in the simulation procedure. The distinguishing features of the approach are the following: (1) malefactor's intention-centric attack modeling; (2) multi-level attack specification; (3) ontology-based distributed attack model structuring; (4) an attributed stochastic LL(2) context-free grammar for formal specification of attack scenarios and their components ("simple attacks"); (5) use of the formal grammar substitution operation to specify the multi-level structure of attacks; (6) state machine-based implementation of the formal grammar framework; (7) on-line generation of the malefactor's activity resulting from the reaction of the attacked network security system.