An Approach for Detecting Distributed, Multi-Stage Attacks Based on the Composition of Security-Oriented Web Services

  • Leonardo Lemes Fagundes UNISINOS
  • Luciano Paschoal Gaspary UNISINOS

Abstract


This paper presents an architecture based on web services for distributed, multi-stage attack detection. The architecture provides a uniform mechanism to communicate with different security services and allows events generated by these services to be correlated, as well as countermeasures to be executed.

Published
2005-09-26
FAGUNDES, Leonardo Lemes; GASPARY, Luciano Paschoal. Uma Abordagem para Detecção de Ataques Distribuídos e de Múltiplas Etapas baseada na Composição de Serviços Web voltados à Segurança. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 5., 2005, Florianópolis. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2005. p. 343-346. DOI: https://doi.org/10.5753/sbseg.2005.21554.
