Integrating software specifications into intrusion detection

International Journal of Information Security

Volumn 6, Issue 5, 2007, Pages 345-357

  Zulkernine, Mohammad ^a   Graves, Mathews ^a   Khan, Muhammad Umair Ahmed ^a  

^a QUEEN S UNIVERSITY   (Canada)

Author keywords

Attack scenarios; Intrusion detection; Software specification languages; State machines

Indexed keywords

COMPUTER CRIME; COMPUTER PRIVACY; COMPUTER PROGRAMMING LANGUAGES; INTRUSION DETECTION; SECURITY OF DATA; UNIFIED MODELING LANGUAGE;

ABSTRACT STATE MACHINE LANGUAGE; SOFTWARE SPECIFICATION LANGUAGES; STATE MACHINES;

COMPUTER SOFTWARE;

EID: 34548131684     PISSN: 16155262     EISSN: 16155270     Source Type: Journal    
DOI: 10.1007/s10207-007-0023-0     Document Type: Conference Paper

References (33)

1. Anderson, J.: Computer security threat monitoring and surveillance, James P. Anderson Co., Fort Washington, PA, USA. Technical Report (1980)
2. Barnett, M., Grieskamp, W., Gurevich, Y., Schulte, W., Tillmann, N., Veanes, M.: Scenario-oriented modeling in AsmL and its instrumentation for testing. In: Second International Workshop on Scenarios and State Machine Models, Algorithms, and Tools, Portland, OR, USA (2003)
3. Barnett, M., Grieskamp, W., Nachmanson, L., Schulte, W., Tillmann, N., Veanes, M.: Model-based testing with AsmL.NET. Technical report, Microsoft Research, Redmond, WA, USA (2003)
4. Cheng K.T. and Krishnakumar A.S. (1996). Automatic generation of functional vectors using the extended finite state machine model. ACM Trans. Design Autom. Elec. Syst. 1(1): 57-79
5. Dermott, J., Fox, C.: Using abuse case models for security requirements analysis. In: Proceedings of 15th Annual Computer Security Applications Conference, Scottsdale, AZ, USA, pp. 55-64 (1999)
6. Eckmann, S.T.: Translating snort rules to STATL scenarios. In: Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID), Davis, CA, USA. LNCS, vol. 2212, pp. 69-84 (2001)
7. Eckmann S., Vigna G. and Kemmerer R. (2002). STATL: An attack language for state-based intrusion detection. J. Comput. Sec. 10: 71-104
8. Giffin, J., Jha, S., Miller, B.: Efficient context-sensitive intrusion detection. In: 11th Annual Network and Distributed Systems Security Symposium (NDSS), San Diego, CA, USA (2004)
9. Graves, M., Sulkernine, M.: Bridging the gap: software specification meets intrusion detector. In: Proceedings of the Fourth Annual Conference on Privacy, Security and Trust (PST), Markham, ON, Canada, pp. 265-274 (2006)
10. Grieskamp, W., Lepper, M., Schulte, W., Tillmann, N.: Testable use cases in the abstract state machine language. In: Proceedings of Asia-Pacific Conference on Quality Software, Hong Kong, pp.167-172 (2001)
11. Houmb, S., den Braber, F., Lund, M.S., Stolen, K.: Towards a UML profile for model-based risk assessment. In: Proceedings of the UML 2002, Dresden, Germany, LNCS vol. 2460, pp. 79-92 (2002)
12. HusAein, M., Zulkernine, M.: UMLintr: a UML profile for specifying intrusions. In: Proceedings of the IEEE International Conference and Workshop on the Engineering of Computer-Based Systems, Tucson, AZ, USA, pp. 279-288 (2006)
13. Hussein M. and Zulkernine M. (2007). Intrusion detection aware component-based systems: A specification-based approach. J. Syst. Softw. 80(5): 700-710
14. JuEdie;rjens, J.: UMLsec: extending UML for secure systems development. In: Proceedings of the UML 2002, Dresden, Germany. LNCS vol. 2460, pp. 412-425 (2002)
15. LoddeAstedt, T., Basin, D.A., Doser, J.: SecureUML: a UML-based modeling language for model-driven security. In: Proceedings of the UML 2002, Dresden, Germany. LNCS vol. 2460, pp. 426-441 (2002)
16. Massicotte, F., Couture, M., Labiche, Y.: Context-based intrusion detection using snort. In: Proceedings of the Third Annual Conference on Privacy, Security and Trust, St. Andrews, NB, Canada, pp. 53-61 (2005)
17. Microsoft Research: Introducing AsmL: A Tutorial for the Abstract State Machine Language. Microsoft Research Redmond (2002)
18. MIT Lincoln Laboratory, DARPA Intrusion Detection Data Sets (Online). Available: http://www.ll.mit.edu/IST/ideval/data/data_index.html. Last accessed in January 2007
19. Object Management Group: UML profile for modeling quality of service and fault tolerance characteristics and mechanisms. Technical report (2004)
20. Paxson V. (1999). Bro: A system for detecting network intruders in real-time. Comput. Netw. 31(23-24): 2435-2463
21. Pickering, K.J.: Evaluating the viability of intrusion detection system benchmarking. Bachelor's Thesis, University of Virginia, VA, USA (2002)
22. Raihan, M., Zulkernine, M.: Detecting intrusions specified in a software specification language. In: Proceedings of International Computer Software and Applications Conference (COMPSAC), Chicago, IL, USA, pp. 143-148 (2005)
23. RaiAan, M., Zulkernine, M.: AsmLSec: an extension of abstract state machine language for attack scenario specification. In: Proceedings of the Second International Conference on Availability, Reliability and Security, Vienna, Austria, pp. 775-782 (2007)
24. Roesch, M.: Snort-Lightweight intrusion detection for networks. In: Proceedings of the USENIX 13th System Administrations Conference, LISA '99, Seattle, WA, USA, pp. 229.238 (1999)
25. Sindre, G., Opdahl, A.L.: Eliciting security requirements by misuse cases. In: Proceedings of the 37th International Conference on Technology of Object-Oriented Languages and Systems (TOOLS-37 '00), Sydney, NSW, Australia, pp. 120-131 (2001)
26. Snort Users Manual (Online). Available: http://snort.org/. Last accessed in January 2007
27. The Abstract State Machine Language. http://research.microsoft.com/fse/ asml/. Last Accessed in January 2007
28. The Object Management Group. Website: http://www.omg.org. Last accessed in January 2007
29. TheHUnified Modeling Language: Website: http://www.uml.org. Last accessed in January 2007
30. Uppuluri, P., Sekar, R.: Experiences with specification-based intrusion detection. In: Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID), Davis, CA, USA. LNCS, vol. 2212, pp. 172-189 (2001)
31. AVankamamidi, R.: ASL: a specification language for intrusion detection and network monitoring. Master's thesis, Iowa State University, IA, USA (1998)
32. Webster, S.: The development and analysis of intrusion detection algorithms. Master's thesis, Massachusetts Institute of Technology, MA, USA (1998)
33. Yee, G.: Recent research in secure software. National Research Council Canada NR C/ERB-1134, NRC 48478 (2006)