João Lima, Filipe Apolinário, Nelson Escravana, Carlos Ribeiro
{"title":"BP-IDS:使用业务流程规范在关键基础设施中利用入侵检测","authors":"João Lima, Filipe Apolinário, Nelson Escravana, Carlos Ribeiro","doi":"10.1109/ISSREW51248.2020.00029","DOIUrl":null,"url":null,"abstract":"Intrusion detection systems typically suffer from effectiveness problems, of being incapable of detecting new threats, or generating too many false alarms to be of any usefulness. Specification-based intrusion detection systems tackle these problems, exhibiting low false alarm rates and being able to detect new threats, however, they have been seldom used, because they require to completely specify every acceptable action of the monitored system. On the other hand, safety-critical systems would greatly benefit from effective intrusion detection systems, as they are often well specified from a business process point of view, which makes them specially suited for these systems, provided that one translates high-level business process specifications into intrusion detection rules. This paper proposes BP-IDS, a specification-based intrusion detection system that automatically performs this translation. BP-IDS was tested on a critical transportation infrastructure and was able to exhibit good detection results.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"BP-IDS: Using business process specification to leverage intrusion detection in critical infrastructures\",\"authors\":\"João Lima, Filipe Apolinário, Nelson Escravana, Carlos Ribeiro\",\"doi\":\"10.1109/ISSREW51248.2020.00029\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Intrusion detection systems typically suffer from effectiveness problems, of being incapable of detecting new threats, or generating too many false alarms to be of any usefulness. Specification-based intrusion detection systems tackle these problems, exhibiting low false alarm rates and being able to detect new threats, however, they have been seldom used, because they require to completely specify every acceptable action of the monitored system. On the other hand, safety-critical systems would greatly benefit from effective intrusion detection systems, as they are often well specified from a business process point of view, which makes them specially suited for these systems, provided that one translates high-level business process specifications into intrusion detection rules. This paper proposes BP-IDS, a specification-based intrusion detection system that automatically performs this translation. BP-IDS was tested on a critical transportation infrastructure and was able to exhibit good detection results.\",\"PeriodicalId\":202247,\"journal\":{\"name\":\"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISSREW51248.2020.00029\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISSREW51248.2020.00029","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
BP-IDS: Using business process specification to leverage intrusion detection in critical infrastructures
Intrusion detection systems typically suffer from effectiveness problems, of being incapable of detecting new threats, or generating too many false alarms to be of any usefulness. Specification-based intrusion detection systems tackle these problems, exhibiting low false alarm rates and being able to detect new threats, however, they have been seldom used, because they require to completely specify every acceptable action of the monitored system. On the other hand, safety-critical systems would greatly benefit from effective intrusion detection systems, as they are often well specified from a business process point of view, which makes them specially suited for these systems, provided that one translates high-level business process specifications into intrusion detection rules. This paper proposes BP-IDS, a specification-based intrusion detection system that automatically performs this translation. BP-IDS was tested on a critical transportation infrastructure and was able to exhibit good detection results.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
