论文信息 - Analysis of Timing Requirements for Intrusion Detection System

Analysis of Timing Requirements for Intrusion Detection System

An intrusion detection system (IDS) is a collection of sensors (often in the form of mobile agents) that collect data (security related events), classify them and trigger an alarm when unwanted manipulations to regular network behaviour is detected. Activities of attackers and network are time dependent. In the paper, fault trees with time dependencies (FTTD) are used to describe intrusions with emphasis put on timing properties. In FTTD, events and gates are characterized by time parameters. FTTD are used in verification whether the IDS reacts sufficiently quick on the intrusions. As an example, "the victim trusts the intruder" attack is analysed.

[1] Jan Magott,et al. Modeling Fault Trees Using Petri Nets , 1995, SAFECOMP.

[2] Bernd Bertsche,et al. Fault Tree Analysis, FTA , 2008 .

[3] James F. Allen,et al. Actions and Events in Interval Temporal Logic , 1994, J. Log. Comput..

[4] Jan Magott,et al. A Method of Analysis of Fault Trees with Time Dependencies , 2000, SAFECOMP.

[5] Emad Aboelela. TCP: Transmission Control Protocol , 2003 .

[6] Ming-Yuh Huang,et al. A large scale distributed intrusion detection framework based on attack strategy analysis , 1999, Comput. Networks.

[7] Jan Magott,et al. Method of time Petri net analysis for analysis of fault trees with time dependencies , 2002 .

[8] Cynthia A. Phillips,et al. A graph-based system for network-vulnerability analysis , 1998, NSPW '98.

[9] StakhanovaNatalia,et al. Software fault tree and coloured Petri net based specification, design and implementation of agent-based intrusion detection systems , 2007 .

[10] H. K. Schriner,et al. Probabilistic logic modeling of network reliability for hybrid network architectures , 1996, Proceedings of LCN - 21st Annual Conference on Local Computer Networks.

[11] Jan Magott,et al. Partially automatic generation of fault-trees with time dependencies , 2006, 2006 International Conference on Dependability of Computer Systems.