In this work a general framework, termed NSDF, for describing network systems is proposed. Basic elements of this scheme are entities and the relationships established between them. Both entities and relationships are the basis underlying the concept of system state. The dynamics of a network system can be conceived of as a trajectory in the state space. The term action is used to describe every event which can produce a transition from one state to another.

These concepts (entity, relationship, state, and action) are enough to construct a model of the system. Evolution and dynamism are easily captured, and it is possible to monitor the behaviour of the system. With the aim of illustrating the use of the proposed framework, a network state description language derived from NSDF, termed RENDL, is also specified.

An immediate application of this framework concerns the network security field. It is shown that concepts like security policing of the site, insecure states, intrusive activities and intrusion response mechanisms can be modelled well. Thus, some imprecise terms used in the security context can be expressed in a uniform, precise way within this framework. Formalizing the above concepts allows us to introduce a generic model to classify currently presented taxonomies related to intrusive activities in network systems. This provides a general context for a better understanding of security flaws and how to develop effective defenses.