{"title":"A signature exchange model for heterogeneous intrusion detection systems","authors":"Dwen-Ren Tsai, Chien-Ning Huang","doi":"10.1109/CCST.2009.5335528","DOIUrl":null,"url":null,"abstract":"In this paper, we propose an UML-based generic format set of intrusion signatures for heterogeneous intrusion detecting systems (IDSs) via analyzing signature formats of three popular IDS products. We also propose an attack signature exchange model of heterogeneous IDSs. With this model, an attack signature generated by one IDS could be adopted by different IDSs easily. The proposed XML-based generic signature format set is designed to be extensible, and therefore it should be easy to incorporate new features in the future. When a software vendor releases its software patch packages together with the signatures addressing the potential attacks, the signatures detected can be easily and promptly included into IDSs reported from different vendors using this model.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"11 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"43rd Annual 2009 International Carnahan Conference on Security Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCST.2009.5335528","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
In this paper, we propose an UML-based generic format set of intrusion signatures for heterogeneous intrusion detecting systems (IDSs) via analyzing signature formats of three popular IDS products. We also propose an attack signature exchange model of heterogeneous IDSs. With this model, an attack signature generated by one IDS could be adopted by different IDSs easily. The proposed XML-based generic signature format set is designed to be extensible, and therefore it should be easy to incorporate new features in the future. When a software vendor releases its software patch packages together with the signatures addressing the potential attacks, the signatures detected can be easily and promptly included into IDSs reported from different vendors using this model.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
