A distributed monitoring system for enhancing security and dependability at architectural level

Authors:
Paola Inverardi;Leonardo Mostarda
Affiliations:
Dip. di Informatica, Università di L'Aquila, Coppito, L'Aquila, Italy;Dip. di Informatica, Università di L'Aquila, Coppito, L'Aquila, Italy
Venue:
Architecting dependable systems IV
Year:
2007

Citing 17
Cited 1

Intrusion detection for distributed applications

Communications of the ACM
Enforceable security policies

ACM Transactions on Information and System Security (TISSEC)
NetSTAT: a network-based intrusion detection system

Journal of Computer Security
Component Software: Beyond Object-Oriented Programming

Component Software: Beyond Object-Oriented Programming
Building Reliable Component-Based Software Systems

Building Reliable Component-Based Software Systems
STATL: an attack language for state-based intrusion detection

Journal of Computer Security
A Map of Security Risks Associated with Using COTS

Computer
Energy-Efficient Communication Protocol for Wireless Microsensor Networks

HICSS '00 Proceedings of the 33rd Hawaii International Conference on System Sciences-Volume 8 - Volume 8
Execution monitoring of security-critical programs in distributed systems: a Specification-based approach

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Security in wireless sensor networks

Communications of the ACM - Wireless sensor networks
Efficient Decentralized Monitoring of Safety in Distributed Systems

Proceedings of the 26th International Conference on Software Engineering
Basic Concepts and Taxonomy of Dependable and Secure Computing

IEEE Transactions on Dependable and Secure Computing
A Taxonomy and Catalog of Runtime Software-Fault Monitoring Tools

IEEE Transactions on Software Engineering
Distributed IDSs for enhancing Security in Mobile Wireless Sensor Networks

AINA '06 Proceedings of the 20th International Conference on Advanced Information Networking and Applications - Volume 02
Architectural mismatch tolerance

Architecting dependable systems
An EFSM-based intrusion detection system for ad hoc networks

ATVA'05 Proceedings of the Third international conference on Automated Technology for Verification and Analysis
A distributed intrusion detection approach for secure software architecture

EWSA'05 Proceedings of the 2nd European conference on Software Architecture

DESERT: a decentralized monitoring tool generator

Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this work we present the DESERT tool that allows the automatic generation of distributed monitoring systems for enhancing security and dependability of a component-based application at architectural level. The DESERT language permits to specify both the components interfaces and interaction properties in term of correct components communications. DESERT uses these specifications to generate one filter for each component. Each filter locally detects when its component communications violate the property and can undertake a set of reaction policies. DESERT allows the definition of different reaction policies to enhance system security and dependability. DESERT has been used to monitor applications running on both mobile and wired infrastructures.