ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
A requires/provides model for computer attacks
Full text PdfPdf (704 KB)
Source New Security Paradigms Workshop archive
Proceedings of the 2000 workshop on New security paradigms table of contents
Ballycotton, County Cork, Ireland
Pages: 31 - 38  
Year of Publication: 2001
ISBN:1-58113-260-3
Authors
Steven J. Templeton  Dept. of Computer Science, University of California, Davis
Karl Levitt  Dept. of Computer Science, University of California, Davis
Sponsor
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 13,   Downloads (12 Months): 67,   Citation Count: 31
Additional Information:

references   cited by   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/366173.366187
What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Baldwin, R. W. (1991) Kuang: Rule-based security checking. In Kolstad, Rob. Daemons and dragons: the COPS security auditor. (tutorial) UNIX Review v9.n3 (March, 1991)
 
2
Farmer, Dan, and Venema, Wietse (1995) SATAN: Security Administrator's Tool for Analyzing Networks, http://www.fish.com/~zen/satan/satan.html
 
3
Farmer, Dan, and Spafford, Eugene. (1990) The COPS security checker system. In Proceedings of the Summer 1990 USENIX Conference, June 1990.
 
4
Feiertag, R., Kahn, C., Porras, P., Schnaekenberg, D., Staniford-Chen, S., Tung, B. (1999) A Common Intrusion Specification Language (CISL). At http://gost.isi.edu/projects/crisis/cidf/cisl__current.txt
 
5
Stephanie Forrest , Steven A. Hofmeyr , Anil Somayaji , Thomas A. Longstaff, A Sense of Self for Unix Processes, Proceedings of the 1996 IEEE Symposium on Security and Privacy, p.120, May 06-08, 1996
 
6
Simson Garfinkel , Gene Spafford, Practical Unix and Internet security (2nd ed.), O'Reilly & Associates, Inc., Sebastopol, CA, 1996
 
7
Guha, B.; Mukherjee, B. (1997) Network security via reverse engineering of TCP code: vulnerability analysis and proposed solutions. IEEE Network, vol. 11, (no.4), IEEE, July-Aug. 1997. p.40-8.
 
8
Kahn, C., Porras, P., Staniford-Chen, S. and Tung, B.(2000) A Common Intrusion Detection Framework. Submitted to the Journal of Computer Security.
 
9
Gene H. Kim , Eugene H. Spafford, Tripwire: a case study in integrity monitoring, Internet besieged: countering cyberspace scofflaws, ACM Press/Addison-Wesley Publishing Co., New York, NY, 1997
 
10
Ko C.C.W. (1996) Execution Monitoring of Security-Critical Programs in a Distributed System: A Specification-Based Approach, Ph.D. Thesis, University of California at Davis, August 1996
 
11
C. Ko , M. Ruschitzka , K. Levitt, Execution monitoring of security-critical programs in distributed systems: a Specification-based approach, Proceedings of the 1997 IEEE Symposium on Security and Privacy, p.175, May 04-07, 1997
 
12
Kumar, S. and Spafford, E. H (1994) A Pattern-Matching Model for Intrusion Detection PROCEEDINGS OF THE NATIONAL COMPUTER SECURITY CONFERENCE; pp. 11-21 ; Baltimore, MD; Coast TR 95-06
 
13
G. Vigna , R. A. Kemmerer, NetSTAT: A Network-Based Intrusion Detection Approach, Proceedings of the 14th Annual Computer Security Applications Conference, p.25, December 07-11, 1998
 
14
Zerkle, Dan and Levitt, Karl (1996) NetKuang - A multi-host configuration vulnerability checker. In Proceedings of the 6th USENIX UNIX Security Symposium. San Jose, CA. July 1996, p.195-2

CITED BY  31
Mikhail J. Atallah , Craig J. McDonough , Victor Raskin , Sergei Nirenburg, Natural language processing for information assurance and security: an overview and implementations, Proceedings of the 2000 workshop on New security paradigms, p.51-65, September 18-21, 2000, Ballycotton, County Cork, Ireland
Steven Noel , Sushil Jajodia, Managing attack graph complexity through visual hierarchical aggregation, Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security, October 29-29, 2004, Washington DC, USA
Paul Ammann , Duminda Wijesekera , Saket Kaushik, Scalable, graph-based network vulnerability analysis, Proceedings of the 9th ACM conference on Computer and communications security, November 18-22, 2002, Washington, DC, USA
Peng Ning , Yun Cui , Douglas S. Reeves, Constructing attack scenarios through correlation of intrusion alerts, Proceedings of the 9th ACM conference on Computer and communications security, November 18-22, 2002, Washington, DC, USA
Peng Ning , Yun Cui , Douglas S. Reeves , Dingbang Xu, Techniques and tools for analyzing intrusion alerts, ACM Transactions on Information and System Security (TISSEC), v.7 n.2, p.274-318, May 2004
Victor Raskin , Christian F. Hempelmann , Katrina E. Triezenberg , Sergei Nirenburg, Ontology in information security: a useful theoretical foundation and methodological tool, Proceedings of the 2001 workshop on New security paradigms, September 10-13, 2001, Cloudcroft, New Mexico
Peng Ning , Dingbang Xu, Learning attack strategies from intrusion alerts, Proceedings of the 10th ACM conference on Computer and communications security, October 27-30, 2003, Washington D.C., USA
Jedidiah R. Crandall , Zhendong Su , S. Felix Wu , Frederic T. Chong, On deriving unknown vulnerabilities from zero-day polymorphic and metamorphic worm exploits, Proceedings of the 12th ACM conference on Computer and communications security, November 07-11, 2005, Alexandria, VA, USA
Peng Ning , Dingbang Xu, Hypothesizing and reasoning about attacks missed by intrusion detection systems, ACM Transactions on Information and System Security (TISSEC), v.7 n.4, p.591-627, November 2004
Fredrik Valeur , Giovanni Vigna , Christopher Kruegel , Richard A. Kemmerer, A Comprehensive Approach to Intrusion Detection Alert Correlation, IEEE Transactions on Dependable and Secure Computing, v.1 n.3, p.146-169, July 2004
Guofei Gu , Phillip Porras , Vinod Yegneswaran , Martin Fong , Wenke Lee, BotHunter: detecting malware infection through IDS-driven dialog correlation, Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, p.1-16, August 06-10, 2007, Boston, MA
Joseph Pamula , Paul Ammann , Sushil Jajodia , Ronald Ritchey, A framework for establishing, assessing, and managing trust in inter-organizational relationships, Proceedings of the 3rd ACM workshop on Secure web services, November 03-03, 2006, Alexandria, Virginia, USA
Sean Peisert , Sidney Karin , Matt Bishop , Keith Marzullo, Principles-driven forensic analysis, Proceedings of the 2005 workshop on New security paradigms, September 20-23, 2005, Lake Arrowhead, California
Dong Yu , Deborah Frincke, Improving the quality of alerts and predicting intruder's next goal with Hidden Colored Petri-Net, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.51 n.3, p.632-654, February, 2007
Xinming Ou , Sudhakar Govindavajhala , Andrew W. Appel, MulVAL: a logic-based network security analyzer, Proceedings of the 14th conference on USENIX Security Symposium, p.8-8, July 31-August 05, 2005, Baltimore, MD
Wei Li , Rayford B. Vaughn , Yoginder S. Dandass, An Approach to Model Network Exploitations Using Exploitation Graphs, Simulation, v.82 n.8, p.523-541, August 2006
Jingmin Zhou , Mark Heckman , Brennen Reynolds , Adam Carlson , Matt Bishop, Modeling network intrusion detection alerts for correlation, ACM Transactions on Information and System Security (TISSEC), v.10 n.1, p.4-es, February 2007
Nong Ye , Bashettihalli Harish , Toni Farley, Attack profiles to derive data observations, features, and characteristics of cyber attacks, Information-Knowledge-Systems Management, v.5 n.1, p.23-47, January 2005
Salem Benferhat , Karima Sedki, Two alternatives for handling preferences in qualitative choice logic, Fuzzy Sets and Systems, v.159 n.15, p.1889-1912, August, 2008
Phillip Porras , Vitaly Shmatikov, Large-scale collection and sanitization of network security data: risks and challenges, Proceedings of the 2006 workshop on New security paradigms, September 19-22, 2006, Germany
Mohamed Saleh , Ali Reza Arasteh , Assaad Sakha , Mourad Debbabi, Forensic analysis of logs: Modeling and verification, Knowledge-Based Systems, v.20 n.7, p.671-682, October, 2007
Jidong Long , Daniel G. Schwartz, Case-oriented alert correlation, WSEAS Transactions on Computers, v.7 n.3, p.98-112, March 2008
Xiuzhen Chen , Qinghua Zheng , Xiaohong Guan, An OVAL-based active vulnerability assessment system for enterprise computer networks, Information Systems Frontiers, v.10 n.5, p.573-588, November 2008
Reza Sadoddin , Ali Ghorbani, Alert correlation survey: framework and techniques, Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services, October 30-November 01, 2006, Markham, Ontario, Canada
Benjamin Morin , Ludovic Mé , Hervé Debar , Mireille Ducassé, A logic-based model to support alert correlation in intrusion detection, Information Fusion, v.10 n.4, p.285-299, October, 2009
Federico Maggi , Matteo Matteucci , Stefano Zanero, Reducing false positives in anomaly detectors through fuzzy alert aggregation, Information Fusion, v.10 n.4, p.300-311, October, 2009
Virginia N. L. Franqueira , Raul H. C. Lopes , Pascal van Eck, Multi-step attack modelling and simulation (MsAMS) framework based on mobile ambients, Proceedings of the 2009 ACM symposium on Applied Computing, March 08-12, 2009, Honolulu, Hawaii
Jouni Viinikka , Hervé Debar , Ludovic Mé , Anssi Lehikoinen , Mika Tarvainen, Processing intrusion detection alert aggregates with time series modeling, Information Fusion, v.10 n.4, p.312-324, October, 2009
Ali Reza Arasteh , Mourad Debbabi , Assaad Sakha, A Formal Approach for the Forensic Analysis of Logs, Proceeding of the 2006 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the fifth SoMeT_06, p.159-176, May 28, 2006
Lamia Hamza , Kamel Adi, Formal Technique for Discovering Complex Attacks in Computer Systems, Proceeding of the 2007 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the sixth SoMeT_07, p.185-199, June 11, 2007
Reza Sadoddin , Ali A. Ghorbani, Real-time alert correlation using stream data mining techniques, Proceedings of the 20th national conference on Innovative applications of artificial intelligence, p.1731-1737, July 13-17, 2008, Chicago, Illinois

INDEX TERMS

Primary Classification:
  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS

Additional Classification:
  H. Information Systems
  H.1 MODELS AND PRINCIPLES
      H.1.1 Systems and Information Theory
          Subjects: Value of information


General Terms:
Design, Security, Theory

Collaborative Colleagues:
Steven J. Templeton: colleagues
Karl Levitt: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player