A description logic based approach for IDS security information management

Cited by: 0
Authors
Yan, W [1]
Hou, E [1]
Ansari, N [1]
Affiliations
[1] New Jersey Inst Technol, Dept Elect & Comp Engn, Newark, NJ 07102 USA
Keywords
network security; description logics; intrusion detection system; security information management
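DOI
Not available
Chinese Library Classification (CLC) number
TN [Electronic technology, communication technology]
Discipline classification code
0809
Abstract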
The upsurge of network Distributed Denial of Service (DDoS) attacks on computer networks demands great effort in network security management. Currently, Intrusion Detection Systems (IDSs) are used to secure computer networks. However, IDSs may generate a huge volume of alerts, making it hard for security administrators to uncover hidden attack scenarios. In this paper, we propose a Description Logic-based approach for IDS event semantic analysis, which allows inferring attack scenarios and enables semantic queries over attack knowledge. With an Attack Knowledge Base consisting of an ABox and a TBox, IDS alerts are converted into machine-understandable uniform alert streams. The ontology and attack instances of the Attack Knowledge Base are applied to derive attack scenarios. The attack semantic query is then implemented by the spreading activation technique, which enables administrators to query the intrusion states of the networks.
Pages: 118-121
Page count: 4