论文信息 - Timed Coloured Petri Net Model for Misuse Intrusion Detection

Timed Coloured Petri Net Model for Misuse Intrusion Detection

Misuse detection is the process of attempting to identify instances of network attacks by comparing current activity against the expected actions of an intruder. Most current approaches to misuse detection involve the use of rule-based expert systems to identify indications of known attacks. However, these techniques are less successful in identifying attacks which vary from expected patterns. This paper presents a general model based on timed coloured Petri net, capable of handling patterns generated to model the attack behavior as sequence of events. This model also allows flagging an attack, when the behavior of one or more processes matches the attack behavior. In addition, graphical representation of a timed coloured Petri net gives a straightforward view of relations between attacks

N. Srinivasan | V. Vaidehi | Srinivasan N | Vaidehi V

[1] Stephen Kahne. Research issues in the transition to free flight , 2000 .

[2] Tadao Murata,et al. Petri nets: Properties, analysis and applications , 1989, Proc. IEEE.

[3] Richard A. Kemmerer,et al. State Transition Analysis: A Rule-Based Intrusion Detection Approach , 1995, IEEE Trans. Software Eng..

[4] Sandeep Kumar,et al. A Software Architecture to Support Misuse Intrusion Detection , 1995 .

[5] Sandeep Kumar,et al. Classification and detection of computer intrusions , 1996 .

[6] Grzegorz Rozenberg,et al. High-level Petri Nets: Theory And Application , 1991 .

[7] Laurent Joncheray. A Simple Active Attack Against TCP , 1995, USENIX Security Symposium.

[8] Aurobindo Sundaram,et al. An introduction to intrusion detection , 1996, CROS.

[9] Vern Paxson,et al. An analysis of using reflectors for distributed denial-of-service attacks , 2001, CCRV.

[10] M. Diaz,et al. Modeling and Verification of Time Dependent Systems Using Time Petri Nets , 1991, IEEE Trans. Software Eng..

[11] Todd L. Heberlein,et al. Network intrusion detection , 1994, IEEE Network.

[12] Peter Radford,et al. Petri Net Theory and the Modeling of Systems , 1982 .

[13] Wolfgang Reisig. Petri Nets: An Introduction , 1985, EATCS Monographs on Theoretical Computer Science.

[14] Stephanie Forrest,et al. A sense of self for Unix processes , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.