Foundations for Intrusion Prevention
Authors
Abstract
We propose an infrastructure that helps a system administrator to identify a newly published vulnerability on the site hosts and to evaluate the vulnerability’s threat with respect to the administrator’s security priorities. The infrastructure foundation is the vulnerability semantics, a small set of attributes for vulnerability definition. We demonstrate that with a few attributes it is possible to define the majority of the known vulnerabilities in a way that (i) facilitates their accurate identification, and (ii) enables the administrator to rank the vulnerabilities found according to the organization’s security priorities. A large scale experiment demonstrates that our infrastructure can find significant vulnerabilities even in a site with a high security awareness.
Similar resources
Activity Profiles for Intrusion Detection
This paper is one of the series of papers in which we lay down the foundations for design of trustworthy computing systems. We propose here a methodology to perform behavior-based intrusion detection on security protocols using fuzzy relational methods. Fuzzified Allen temporal algebra plays an important role in capturing the time dimension of concurrent activities of principals as well as of intru...
Foundations for Survivable System Development: Service Traces, Intrusion Traces, and Evaluation Models
1 Survivable System Concepts; 2 Service Traces for Survivability Specification; 2.1 Essential-Service Workflows; 2.2 Essential-Service Traces; 2.3 Relational Specification of Trace Components; 2.4 Computational Survivability; 3 Intrusion Traces for Adverse Environment Specification; 3.1 Intruder Workflows Organized Into Attack Trees; 3.2 Attack Patterns Organized Into Attack Profil...
Enhanced Cultural Algorithm of Data Mining for Intrusion Detection System
Classification rule mining is a class of problems which is the most sought out by decision makers since they produce comprehensible form of knowledge. The user should be ready to specify the properties of the foundations. The foundations discovered should have a number of these properties to render them helpful. This work proposes to enhance the cultural algorithm by application of ANT clusteri...
A Concept on Intrusion Detection System Genetic Algorithm, Fuzzy Logic and Challenges – A Review
Intrusion Detection System (IDS), which is increasingly a key element of system security, is used to identify the malicious activities in a computer system. There are different approaches being employed in intrusion detection systems. The prediction process may produce false alarms in many anomaly based intrusion detection systems. With the concept of fuzzy logic, the false alarm rate in establish...
MHIDCA: Multi Level Hybrid Intrusion Detection and Continuous Authentication for MANET Security
Mobile ad-hoc networks have attracted a great deal of attention over the past few years. Considering their applications, the security issue has a great significance in them. Security scheme utilization that includes prevention and detection has the worth of consideration. In this paper, a method is presented that includes a multi-level security scheme to identify intrusion by sensors and authe...
Journal title:
- Praxis der Informationsverarbeitung und Kommunikation
Volume 27, Issue
Pages -
Publication date 2004