Title :
Ontology-based modeling of DDoS attacks for attack plan detection
Author :
Ansarinia, M. ; Asghari, Seyyed Amir ; Souzani, A. ; Ghaznavi, A.
Author_Institution :
Inf. & Commun. Security Dept., Iran Telecommun. Res. Center (ITRC), Tehran, Iran
Abstract :
This paper proposes an effective approach to model DDoS attacks, and its application to recognize attack plans prior to the actual incident. The goals of this study are, firstly, to model DDoS attacks, their prerequisites and consequences using semantic representation in order to provide description logic of DDoS attacks; and secondly, to propose an ontology-based solution which detects potential DDoS attacks using inference over observing knowledge provided by sensory inputs. Unlike other ontologies in network attack domains, the proposed ontology is generated automatically using well-known taxonomies like CAPEC, CWE, and CVE datasets. The proposed method not only introduces semantics to exchange knowledge between machines, but also provides a framework by which machines can detect intrusions.
Keywords :
computer network security; formal logic; ontologies (artificial intelligence); CAPEC datasets; CVE datasets; CWE datasets; DDoS attack detection; attack plan detection; attack plans prior recognition; description logic; intrusion detection; knowledge exchange; network attack domains; ontology-based modeling; semantic representation; Cognition; Computer crime; Knowledge based systems; Ontologies; Semantics; Syntactics; Taxonomy; DDoS Attacks; Inference; Knowledge Engineering; Ontology; Plan Recognition;
Conference_Title :
Telecommunications (IST), 2012 Sixth International Symposium on
Conference_Location :
Tehran
Print_ISBN :
978-1-4673-2072-6
DOI :
10.1109/ISTEL.2012.6483131