Semantic scheme to extract attack strategies for web service network security

Document Type

Conference Proceeding

Publication Date

12-19-2005

Abstract

In recent years, Web technologies have been used to provide an interface to distributed services. The advent of computer networks has accelerated this development, and has sparked the emergence of numerous environments that enable Web services. However, computer network security against Distributed Denial of Service (DDoS) attacks is attracting more attention. The overwhelming number of alerts generated by Intrusion Detection Systems makes it hard for the security administrator to analyze them and extract the attack strategies, which hampers the performance of attack detection. One method to resolve the problem is attack scenario extraction. In this paper, we propose a novel way to correlate the alerts and extract the attack scenarios. The modified case grammar, Principal-subordinate Consequence Tagging Case Grammar, and the alert semantic network are used to generate the attack classes. Alert mutual information is also applied to calculate the alert semantic context window size. Afterwards, based on the alert context, the attack instances are extracted. © 2004 IEEE.

Identifier

28844474557 (Scopus)

ISBN

[0780388364, 9780780388369]

Publication Title

2004 IEEE Workshop on IP Operations and Management Proceedings IPOM 2004 Self Measurement and Self Management of IP Networks and Services

First Page

104

Last Page

111

This document is currently not available here.
