Title :
A signature exchange model for heterogeneous intrusion detection systems
Author :
Tsai, Dwen-Ren ; Huang, Chien-Ning
Author_Institution :
Dept. of Comput. Sci., Chinese Culture Univ., Taipei, Taiwan
Abstract :
In this paper, we propose an UML-based generic format set of intrusion signatures for heterogeneous intrusion detecting systems (IDSs) via analyzing signature formats of three popular IDS products. We also propose an attack signature exchange model of heterogeneous IDSs. With this model, an attack signature generated by one IDS could be adopted by different IDSs easily. The proposed XML-based generic signature format set is designed to be extensible, and therefore it should be easy to incorporate new features in the future. When a software vendor releases its software patch packages together with the signatures addressing the potential attacks, the signatures detected can be easily and promptly included into IDSs reported from different vendors using this model.
Keywords :
Unified Modeling Language; XML; digital signatures; security of data; software maintenance; software packages; UML-based generic format set; XML-based generic signature; heterogeneous intrusion detection system; software patch package; software vendor; unified modeling language; Computer science; Data analysis; Databases; Face detection; IP networks; Information management; Intrusion detection; Packaging; Software packages; XML; Extensible Markup Language (XML); Intrusion Detection System (IDS); Network Security; attack signature;
Conference_Titel :
Security Technology, 2009. 43rd Annual 2009 International Carnahan Conference on
Conference_Location :
Zurich
Print_ISBN :
978-1-4244-4169-3
Electronic_ISBN :
978-1-4244-4170-9
DOI :
10.1109/CCST.2009.5335528
