Title :
Timed Coloured Petri Net Model for Misuse Intrusion Detection
Author :
Srinivasan, N. ; Vaidehi, V.
Author_Institution :
Dept. of Inf. Technol., Anna Univ., Chennai
Abstract :
Misuse detection is the process of attempting to identify instances of network attacks by comparing current activity against the expected actions of an intruder. Most current approaches to misuse detection involve the use of rule-based expert systems to identify indications of known attacks. However, these techniques are less successful in identifying attacks which vary from expected patterns. This paper presents a general model based on timed coloured Petri net, capable of handling patterns generated to model the attack behavior as sequence of events. This model also allows flagging an attack, when the behavior of one or more processes matches the attack behavior. In addition, graphical representation of a timed coloured Petri net gives a straightforward view of relations between attacks
Keywords :
Petri nets; expert systems; pattern matching; security of data; attack flagging; graphical representation; misuse intrusion detection; network attacks; patterns handling; rule-based expert systems; timed coloured Petri net model; Computer networks; Electronics industry; Expert systems; Industrial electronics; Information systems; Information technology; Intrusion detection; Pattern matching; Petri nets; Protection;
Conference_Titel :
Industrial and Information Systems, First International Conference on
Conference_Location :
Peradeniya
Print_ISBN :
1-4244-0322-7
DOI :
10.1109/ICIIS.2006.365789
