Intrusion Management Using Configurable Architecture Models
نویسندگان
چکیده
Software is increasingly being constructed using the component-based paradigm in which software systems are assembled using components from multiple sources. Moreover, these systems are increasingly dynamic; a core set of components is assembled and then new functionality is provided as needed by dynamically inserting additional components. A newer trend closely associated with the use of component-based software is the postdevelopment use of configurable run-time architecture models describing the structure of the software system. These models are coming out of the software engineering community and are being used to manage component-based systems at deployment and operations time. The key aspect of this trend is that these models accompany the software system and provide the basis for defining and executing run-time monitoring and reconfiguration of these systems. We believe that these models have the potential for providing a new and important source of information that can be exploited to improve the management of intrusions directed against these software systems. Our hypothesis is that they can provide a common framework for integrating and managing all phases of intrusion defenses: phases including intrusion detection, response, and analysis. We will show how these models can provide a framework around which to organize intrusion-related data. We will also show how architecture-driven reconfiguration can provide improved response, and how inconsistencies between the models and the actual system state can support application-level anomaly detection and computer forensics analysis.
منابع مشابه
Proposing A Distributed Model For Intrusion Detection In Mobile Ad-Hoc Network Using Neural Fuzzy Interface
Security term in mobile ad hoc networks has several aspects because of the special specification of these networks. In this paper a distributed architecture was proposed in which each node performed intrusion detection based on its own and its neighbors’ data. Fuzzy-neural interface was used that is the composition of learning ability of neural network and fuzzy Ratiocination of fuzzy system as...
متن کاملProposing A Distributed Model For Intrusion Detection In Mobile Ad-Hoc Network Using Neural Fuzzy Interface
Security term in mobile ad hoc networks has several aspects because of the special specification of these networks. In this paper a distributed architecture was proposed in which each node performed intrusion detection based on its own and its neighbors’ data. Fuzzy-neural interface was used that is the composition of learning ability of neural network and fuzzy Ratiocination of fuzzy system as...
متن کاملAldwairi, Monther Mustafa. Hardware Efficient Pattern Matching Algorithms and Architectures for Fast Intrusion Detection. (under the Direction of Dr. Paul Franzon). Table of Contents
ALDWAIRI, MONTHER MUSTAFA. Hardware Efficient Pattern Matching Algorithms and Architectures for Fast Intrusion Detection. (Under the direction of Dr. Paul Franzon). Intrusion detection processors are becoming a predominant feature in the field of network hardware. As demand on more network speed increases and new network protocols emerge, network intrusion detection systems are increasing in im...
متن کاملSoftware Architecture, Configuration Management, and Configurable Distributed Systems: A Ménage a Trois
Software architecture, configuration management, and configurable distributed systems are three areas of research that until now have evolved separately. Contributions in each field have focused on their respective area of concern. However, as solutions in the three fields tend to center around some notion of a system model, it is worthwhile to investigate their relationship in detail. In parti...
متن کامل