Abstract
We introduce SOID, a Simple Ontology for Intrusion Detection, that allows an agent-aided intrusion detection tool called Alba (ALert BArrage) to reason about computer security incidents at a higher level of abstraction than most current intrusion detection systems do.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Anderson, J.P.: Computer security threat monitoring and surveillance. Technical report, James P. Anderson Co, Fort Whanington, PA, USA (1980)
Axelsson, S.: The base-rate fallacy and the difficulty of intrusion detection. ACM Transactions on Information and System Security 3, 186–205 (2000)
White, M.G.B., Fisch, E.A., Pooch, U.W.: Cooperating security managers: A peer-based intrusion detection system. IEEE Network 10, 20–23 (1996)
Spafford, E.H., Zamboni, D.: Intrusion detection using autonomous agents. Computer Networks 34, 547–570 (2000)
Carver, C.A., Hill, J.M., Surdu, J.R., Pooch, U.W.: A methodology for using intelligent agents to provide automated intrusion response. In: Proc. of the IEEE Workshop on Information Assurance and Security, West Point, NY, pp. 110–116 (2000)
Gorodetski, V.I., Popyack, L.J., Kotenko, I.V., Skormin, V.A.: Ontology-based multi-agent model of information security system. In: Zhong, N., Skowron, A., Ohsuga, S. (eds.) RSFDGrC 1999. LNCS (LNAI), vol. 1711, pp. 528–532. Springer, Heidelberg (1999)
Stevens, R., Bechhofer, S., Goble, C.: Ontology-based Knowledge Representation for Bioinformatics. Briefings in Bioinformatics 1 (2000)
Arcos, J., Plaza, E.: Inference and reflection in the object-centered representation language Noos. Journal of Future Generation Computer Systems 12, 173–188 (1996)
Goldman, R.P., Heimerdinger, W., Harp, S.A., Geib, C.W., Thomas, V., Carter, R.L.: Information modeling for intrusion report aggregation. In: DICEX (2001)
Howard, J.D., Longstaff, T.A.: A common language for computer security incidents. Technical Report SAND98-8667, Sandia National Laboratories (1998)
Martin, F.J., Plaza, E.: Case-based sequence analysis for intrusion detection (2003) (Submitted)
Morin, B., Mé, L., Debar, H., Ducassé, M.: M2d2: A formal data model for ids alert correlation. In: Wespi, A., Vigna, G., Deri, L. (eds.) RAID 2002. LNCS, vol. 2516, pp. 115–137. Springer, Heidelberg (2002)
Porras, P.A., Fong, M.W., Valdes, A.: A mission-impact-based approach to INFOSEC alarm correlation. In: Wespi, A., Vigna, G., Deri, L. (eds.) RAID 2002. LNCS, vol. 2516, pp. 95–114. Springer, Heidelberg (2002)
Ning, P., Jajodia, S., Wang, X.S.: Abstraction-based intrusion detection in distributed environments. ACM Transactions on Information and System Security 4, 407–452 (2001)
Undercoffer, J., Pinkston, J.: Modeling computer attacks: A target-centric ontology for intrusion detection. In: CADIP Research Symposium (2002)
Raskin, V., Hempelmann, C.F., Triezenberg, K.E., Nirenburg, S.: Ontology in information security: a useful theoretical foundation and methodological tool. In: Proc. Workshop on New Security Paradigms, pp. 53–59. ACM Press, New York (2001)
Noel, S.: Development of a cyber-defense ontology. Center for Secure Information Systems George Mason University, Fairfax, Virginia (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Martin, F.J., Plaza, E. (2003). SOID: An Ontology for Agent-Aided Intrusion Detection. In: Palade, V., Howlett, R.J., Jain, L. (eds) Knowledge-Based Intelligent Information and Engineering Systems. KES 2003. Lecture Notes in Computer Science(), vol 2773. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45224-9_165
Download citation
DOI: https://doi.org/10.1007/978-3-540-45224-9_165
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40803-1
Online ISBN: 978-3-540-45224-9
eBook Packages: Springer Book Archive