Ex-SDF: An Extended Service Dependency Framework for Intrusion Impact Assessment

机译：前SDF：用于入侵影响评估的扩展服务依赖关系框架

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

Information systems are increasingly dependent on highly distributed architectures that include multiple dependencies. Even basic attacks like script-kiddies have drastic effects on target systems as they easily spread through existing dependencies. Unless intrusion effects are accurately assessed, response systems will still be blinded when selecting optimal responses. In fact, using only response costs as a basis to select responses is still meaningless if not compared to intrusion costs. While conventional responses provoke mostly availability impacts, intrusions affect confidentiality, integrity and availability. This paper develops an approach to assess intrusion impacts on IT systems. It uses service dependencies as frames for propagating impacts. It goes beyond existing methods which mostly use dependability anal ysis techniques. It explores service privileges as being the main targets for attackers, and the tunable parameters for intrusion response. The approach presented in this paper is implemented as a simulation-based framework and demonstrated for the example of a vehicle reservation service.

机译：信息系统越来越依赖高度分散的体系结构，该体系结构包含多个依赖性。甚至像脚本之类的基本攻击也会对目标系统产生巨大影响，因为它们很容易通过现有依赖项传播。除非准确评估入侵效果，否则在选择最佳响应时响应系统仍然是盲目的。实际上，仅将响应成本作为选择响应的基础，即使与入侵成本相比也没有任何意义。尽管传统的响应方式主要引起可用性方面的影响，但入侵会影响机密性，完整性和可用性。本文提出了一种评估入侵对IT系统影响的方法。它使用服务依赖项作为传播影响的框架。它超越了大多数使用可靠性分析技术的现有方法。它探索服务特权作为攻击者的主要目标，以及入侵响应的可调参数。本文提出的方法是作为基于仿真的框架实现的，并以车辆预订服务为例进行了演示。

著录项

来源
《Security and privacy-silver linings in the cloud》|2010年|p.148-160|共13页
会议地点 Brisbane(AU);Brisbane(AU);Brisbane(AU);Brisbane(AU)
作者
Nizar Kheir; Nora Cuppens-Boulahia; Frederic Cuppens; Herve Debar;
展开▼
作者单位

Telecom Bretagne,2 rue de la Chataigneraie, 35512 Cesson Sevigne, France, France Telecom RD, 42 rue des Coutures, 14066 Caen, France;

Telecom Bretagne,2 rue de la Chataigneraie, 35512 Cesson Sevigne, France;

Telecom Bretagne,2 rue de la Chataigneraie, 35512 Cesson Sevigne, France;

Telecom SudParis, 9 rue Charles Fourier, 91011 Evry, France;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类安全保密;
关键词

相似文献

外文文献
中文文献
专利

1. Realtime intrusion risk assessment model based on attack and service dependency graphs [J] . Shameli-Sendi Alireza, Dagenais Michel, Wang Lingyu Computer Communications . 2018,第JANa期

机译：基于攻击和服务依赖图的实时入侵风险评估模型
2. Spatial dynamics in people-wetland association: an assessment of rural dependency on ecosystem services extended by Purbasthali Wetland, West Bengal [J] . Mandal Mehedi Hasan, Roy Arindam, Siddique Giyasuddin Environment, development and sustainability . 2021,第7期

机译：人湿地协会的空间动态：普通孟加拉河湿地延伸农村依赖的农村依赖评价
3. Assessment of ecosystem services and dis-services of an agro-ecosystem based on extended emergy framework: A case study of Luancheng county, North China [J] . Ma Fengjiao, Eneji A. Egrinya, Liu Jintong Ecological engineering: The Journal of Ecotechnology . 2015,第Null期

机译：基于扩展能源框架的农业生态系统生态系统服务与生态服务价值评估-以华北栾城县为例
4. Ex-SDF: An Extended Service Dependency Framework for Intrusion Impact Assessment [C] . Nizar Kheir, Nora Cuppens-Boulahia, Frederic Cuppens, IFIP TC 11 international information security conference . 2010

机译：EX-SDF：入侵影响评估的扩展服务依赖框架
5. A Dependency Based Impact Analysis Framework for Service-Oriented System Evolution. [D] . Wang, Shuying. 2010

机译：一个基于依赖的影响分析框架，用于面向服务的系统演进。
6. FSM-F: Finite State Machine Based Framework for Denial of Service and Intrusion Detection in MANET [O] . Malik N. Ahmed, Abdul Hanan Abdullah, Omprakash Kaiwartya -1

机译：FSM-F：MANET中基于有限状态机的拒绝服务和入侵检测框架
7. Ex-SDF: an extended service dependency framework for intrusion impact assessment [O] . Kheir, Nizar, CUPPENS-BOULAHIA, Nora, Cuppens, Frédéric, 2010

机译：前SDF：用于入侵影响评估的扩展服务依赖关系框架

Ex-SDF: An Extended Service Dependency Framework for Intrusion Impact Assessment

摘要

著录项

相似文献

相关主题

期刊订阅