New forms of Internet attacks, such as SQL Slammer, have become increasingly sophisticated. Although coded in a simple way, the SQL Slammer worm propagated all over the world at an extremely high speed in a short period of time, rendering it impossible for humans to counter it using manual intervention. In this paper, we propose a security framework called Japonica to detect and respond to unknown attacks at the early stage through the dynamic orchestration of prevention, detection, and response mechanisms. We identify important requirements to support the proposed framework and corresponding system entities. Also, we describe our model using Colored Petri Nets to discover a uniform message exchange format among the entities. One unique characteristic of Japonica is an active response coordinator and we demonstrate its feasibility in a proof-of-concept prototype, utilizing a honeypot as an active entity. Our results indicate that Japonica can successfully prevent the spread of SQL Slammer without human intervention. We are currently extending the framework to counter other forms of sophisticated Internet attacks.