Event-driven architecture based on patterns for detecting complex attacks
by Jesus J. Martinez Molina, Miguel A. Hernandez Ruiz, Manuel Gil Perez, Gregorio Martinez Perez, Antonio F. Gomez Skarmeta
International Journal of Critical Computer-Based Systems (IJCCBS), Vol. 1, No. 4, 2010

Abstract: Complex multistep attacks are the most common way of performing computer intrusions nowadays. Unfortunately, not many efforts have been made so far to cope with this kind of intrusion, especially considering the possible mutations or changes that a given step may have in any complex attack. In this context, this paper describes the design and the first prototype of an architecture built to cope with complex attacks. It rests on a three-tier approach and makes use of events and patterns, as well as two probabilistic values to manage possible variations of an attack. An illustrative example for the directory traversal bug is described in detail as well.

Online publication date: Thu, 04-Nov-2010
