Attacks against computer network: Formal grammar-based framework and simulation tool

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 2516, Issue , 2002, Pages 219-238

  Gorodetski, Vladimir ^a   Kotenko, Igor ^a  

^a ST PETERSBURG INSTITUTE FOR INFORMATICS AND AUTOMATION   (Russian Federation)

Author keywords

[No Author keywords available]

Indexed keywords

COMPLEX NETWORKS; COMPUTATIONAL GRAMMARS; COMPUTER CRIME; COMPUTER NETWORKS; CONTEXT FREE GRAMMARS; FORMAL SPECIFICATION; INTRUSION DETECTION; MACHINE COMPONENTS; MERCURY (METAL); MULTI AGENT SYSTEMS; SECURITY SYSTEMS; SOFTWARE AGENTS; SPECIFICATIONS; STOCHASTIC MODELS; STOCHASTIC SYSTEMS;

COMPLEX PROCESSES; DISTRIBUTED ATTACK; FORMAL FRAMEWORK; MULTI-LEVEL STRUCTURES; MULTIAGENT ARCHITECTURE; ON-LINE GENERATION; SIMULATION PROCEDURES; SOFTWARE IMPLEMENTATION;

NETWORK SECURITY;

EID: 84958956850     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/3-540-36084-0_12     Document Type: Conference Paper

References (40)

1. Aho, A.V., Ullman, J.D.: The Theory of Parsing, Translation, and Compiling, Vol. 1, 2, Prentice-Hall, Inc. (1972)
2. Alessandri, D., Cachin, C., Dacier, M., Deak, O., Julisch, K., Randell, B., Riordan, J., Tscharner, A., Wespi, A., Wuest, C.: Towards a Taxonomy of Intrusion Detection Systems and Attacks. MAFTIA deliverable D3. Version 1.01. Project IST-1999-11583. Malicious- and Accidental-Fault Tolerance for Internet Applications (2001)
3. Bishop, M.: A standard audit trail format. Technical report, Department of Computer Science, University of California at Davis (1995)
4. Custom Attack Simulation Language (CASL). Secure Networks (1998)
5. Chi, S.-D., Park, J.S., Jung, K.-C., Lee, J.-S.: Network Security Modeling and Cyber Attack Simulation Methodology. Lecture Notes in Computer Science, Vol.2119 (2001)
6. Chung, M., Mukherjee, B., Olsson, R.A., Puketza, N.: Simulating Concurrent Intrusions for Testing Intrusion Detection Systems: Parallelizing Intrusions. Proceedings of the 18th NISSC (1995)
7. Cohen, F.B.: Information System Attacks: A Preliminary Classification Scheme. Computers and Security, Vol.16, No.1 (1997)
8. Cohen, F.: Simulating Cyber Attacks, Defenses, and Consequences. IEEE Symposium on Security and Privacy, Berkeley, CA (1999)
9. Cuppens, F., Ortalo, R.: Lambda: A language to model a database for detection of attacks. RAID’2000, Lecture Notes in Computer Science, Vol.1907 (2000)
10. Curry, D.: Intrusion detection message exchange format, extensible markup language (xml) document type definition. draft-ietf-idwg-idmef-xml-02.txt (2000)
11. Debar, H., Dacier, M., Wespi, A., Lampart, S.: An experimentation workbench for intrusion detection systems. Research Report RZ-2998 (# 93044). IBM Research Division, Zurich Research Laboratory (1998)
12. Eckmann, S.T., Vigna, G., Kemmerer, R.A.: STATL: An Attack Language for State-based Intrusion Detection. Proceedings of the ACM Workshop on Intrusion Detection, Athens, Greece (2000)
13. Feiertag, R., Kahn, C., Porras, P., Schnackenberg, D., Staniford-Chen, S., Tung, B.: A common intrusion specification language (cisl). specification draft (1999)
14. Fu, K.S.: Syntactic Methods in Pattern Recognition, Academic Press, New York (1974)
15. Glushkov, V., Tseitlin, G., Yustchenko, E.: Algebra, Languages, Programming. Naukova Dumka Publishers, Kiev (1978) (In Russian).
16. Gorodetski, V., Karsayev, O., Kotenko, I., Khabalov, A.: Software Development Kit for Multi-agent Systems Design and Implementation. Lecture Notes in Artificial Intelligence, Vol. 2296, Springer Verlag (2002)
17. Hailstorm. Users Manual, 1.0 (2000) http://www.clicktosecure.com/
18. Howard, J.D., Longstaff, T.A.: A Common Language for Computer Security Incidents, SANDIA REPORT, SAND98-8667 (1998)
19. Huang, M.-Y., Wicks, T.M.: A Large-scale Distributed Intrusion Detection Framework Based on Attack Strategy Analysis. RAID’98, Louvain-la-Neuve (1998)
20. Icove, D., Seger K., VonStorch, W.: Computer Crime: A Crimefighter’s Handbook, O’Reilly and Associates, Inc., Sebastopol, CA (1995)
21. IDS Informer 3.0. User Guide. BLADE Software (2001)
22. Iglun, K., Kemmerer, R.A., Porras, P.A.: State Transition Analysis: A Rule-Based Intrusion Detection System. IEEE Transactions on Software Engineering, Vol. 21, No.3 (1995)
23. Kemmerer, R.A., Vigna, G.: NetSTAT: A network-based intrusion detection approach. Proceedings of the 14th ACSAC, Scottsdale, Arizona (1998)
24. Krsul, I.V.: Software Vulnerability Analysis, Ph.D. Dissertation, Computer Sciences Department, Purdue University, Lafayette, IN (1998)
25. Lindqvist, U., Jonsson, E.: How to Systematically Classify Computer Security Intrusions. Proceedings of the 1997 IEEE Symposium on Security and Privacy, IEEE Computer Society Press, Los Alamitos, CA (1997)
26. Lippmann, R., Haines, J.W., Fried, D.J., Korba, J., Das, K.: The 1999 DARPA off-line intrusion detection evaluation. RAID’2000, Lecture Notes in Computer Science, Vol.1907 (2000)
27. McHugh, J.: The 1998 Lincoln Laboratory IDS Evaluation: A Critique. RAID’2000, Lecture Notes in Computer Science, Vol.1907 (2000)
28. McHugh, J.: Intrusion and intrusion detection. International Journal of Information Security, No.1 (2001)
29. Me, L.: Gassata, a genetic algorithm as an alternative tool for security audit trails analysis. RAID’98, Louvain-la-Neuve (1998)
30. Michel, C., Me, L.: ADeLe: An Attack Description Language for Knowledge-based Intrusion Detection. Proceedings of the 16th International Conference on Information Security, Kluwer (2001)
31. Moitra, S.D., Konda S.L.: A Simulation Model for Managing Survivability of Networked Information Systems, Technical Report CMU/SEI-2000-TR-020 ESC-TR-2000-020 (2000)
32. Moore, A.P., Ellison, R.J., Linger, R.C.: Attack Modeling for Information Security and Survivability. Technical Note CMU/SEI-2001-TN-001 (2001)
33. http://www.ontology.org/
34. Paxson, V.: Bro: A system for detecting network intruders in real-time. Proceedings of the 7th Usenix Security Symposium (1998)
35. Puketza, N., Chung, M., Olsson, R.A., Mukherjee, B.: A Software Platform for Testing Intrusion Detection Systems. IEEE Software, Vol.14, No.5 (1997)
36. Stewart, A.J.: Distributed Metastasis: A Computer Network Penetration Methodology. The Packet Factory (1999) (Phrack Magazine, Vol. 9, Issue 55)
37. Tambe, M.: Towards Flexible Teamwork. Journal of Artificial Intelligence Research, No.7 (1997)
38. Vigna, G., Eckmann, S.T., Kemmerer, R.A.: Attack Languages. Proceedings of the IEEE Information Survivability Workshop, Boston (2000)
39. Yuill, J., Wu, F., Settle, J., Gong, F., Huang, M.: Intrusion Detection for an On- Going Attack. RAID’99, West Lafayette, Indiana, USA (1999)
40. Yuill, J., Wu, F., Settle, J., Gong, F., Forno, R., Huang, M., Asbery, J.: Intrusiondetection for incident-response, using a military battlefield-intelligence process. Computer Networks, No. 34 (2000)