期刊文献+

基于本体的Web服务攻击检测技术研究 被引量:2

Research of Web Services attack detection based on ontology
下载PDF
导出
摘要 Web服务在给基于异构平台的应用集成带来极大便利的同时,各核心组件也面临着被恶意攻击的威胁。目前,主要依靠入侵检测系统(IDS)来检测这些攻击,但是分布在网络中的IDS往往是由不同的厂商或组织开发的,没有用于交换知识的可被共同理解的词汇集,难以交互和协作,工作效率低且很难抵御多层次、分布式攻击。提出了一种基于本体和Web本体标准语言(OWL)的Web服务攻击分类和描述方法,通过构建Web服务攻击本体以提供不同IDS共同理解的词汇集。在此基础上,设计了一种基于Web服务攻击本体库的入侵检测系统(O-IDS),能有效弥补现有IDS难以交互的不足,提高对多层次、分布式攻击的检测能力。 Web service greatly facilitates the application-to-application integration based on heterogeneous platform,but its core components are faced with threats of malicious attacks.Currently,the Intrusion Detection System(IDS) is usually used to prevent these attacks.However,the IDSs distributed throughout the network may be developed by different vendors and there is not a common vocabulary understandable among them.Therefore,the IDSs stopped people from cooperatively preventing the multi-phased and distributed attacks easily.In this paper,a new method based on ontology and OWL to classify and describe the Web services attack was presented.Through constructing a Web services attack ontology,the common understandable vocabulary could be provided for different IDSs.Then,an intrusion detection system based on the Web Service Attack ontology(called O-IDS) was presented as well,which could efficiently overcome the shortage of the existed IDS and enhance the ability to detect the multi-phased and distributed attacks.
出处 《计算机应用》 CSCD 北大核心 2011年第6期1515-1520,共6页 journal of Computer Applications
基金 江苏省自然科学基金资助项目(BK2010132)
关键词 WEB服务 攻击 入侵检测系统 本体 Web Services attack Intrusion Detection System(IDS) ontology
  • 相关文献

参考文献15

  • 1PADMANABHUNI S, SINGH V, KUMAR K M S, et al. Preventing Service Oriented Denial of Service (PreSODoS) [ C]. ICWS'06: Proceedings of the IEEE International Conference on Web Services. Washington, DC: IEEE Computer Society, 2006:577-584.
  • 2XU JUN, LEE WOOYONG. Sustaining availability of Web services under distributed denial of service attacks[ J]. IEEE Transactions on Computers, 2003, 52(2): 195-208.
  • 3WANG JUN. Defending against denial of Web serviees using sessions[ R]. Sankt Augustin: NEC Europe, 2006.
  • 4黄康宇,吴礼发,吴海佳.Web服务恶意内容攻击检测技术[J].计算机应用,2010,30(8):2134-2138. 被引量:2
  • 5林岳,宋保华,段海波,黄风雷.现代语义技术及其应用[J].计算机应用研究,2005,22(6):130-132. 被引量:5
  • 6RASKIN V, NIRENBURG S, TRIEZENBERG K E, et al. Ontology in information security: A useful theoretical foundation and methodological tool[C]// NSPW'01: Proceedings of the 2001 Workshop on New Security Paradigms. New York: ACM Press, 2002:67 -73.
  • 7UNDERCOFFER J, JOSHI A, PINKSTON J. Modeling computer attacks: An ontology for intrusion detection[ C]// Proceedings of 6th International Symposium on Recent Advances in Intrusion Detection, LNCS 2516. Berlin: Springer-Verlag, 2003:113 - 135.
  • 8OWL Web Ontology Language Guide Recommendation[ EB/OL]. [2010 - 09 - 01 ]. http://www, w3. org/TR/2004/REC-owl- guide-20040210/.
  • 9GRUBER T R. A translation approach to portable ontology specifications[J]. Knowledge Acquisition, 1993, 5(2): 199- 220.
  • 10BORST W N. Construction of engineering ontologies for knowledge sharing and reuse[ D]. Enschede: University of Tweente, 1997.

二级参考文献53

  • 1林岳,宋保华,段海波,黄风雷.现代语义技术及其应用[J].计算机应用研究,2005,22(6):130-132. 被引量:5
  • 2W3C. Web services architecture[ S/OL]. (2004-02-11) [2009-03- 09 ]. http ://www. w3. org/TR/ws-arch/.
  • 3OASIS. Web services security: SOAP message security 1.1 [ S/OL]. (2006-02-01) [ 2009- 03- 09 ]. http ://docs. oasis-open, org/wss/ vl. 1/wss-vl. 1 -spec-os-SOAPMessageSecurity. pdf.
  • 4OASIS. WS-trust 1.3[S/OL]. (2007/-03-19) [2009-03-09]. http:// does. oasis-open, org/ws-sx/ws-trust/200512/ws-trust-1. 3-os. pelf.
  • 5OASIS. WS-secure conversation 1. 3 [ S/OL ]. ( 200% 03- 01 )[2009-03-09]. http://docs, oasis-open, org/ws-sx/ws-secureconversation/200512/ws-secureconversation-I. 3-os. pdf.
  • 6OASIS. WS-security policy 1.2 [ S/OL]. (2007-07-01) [2009-03- 09 ]. http://docs, oasis-open, org/ws-sx/ws-securitypolicy/200702/ ws-securitypolicy-1.2-spec-os, pdf.
  • 7W3C. Web services description language (WSDL) version 2.0 part 1 : core language[ S/OL]. (2007-06-26) [ 2009-03- 09 ]. http :// www. w3. org/TR/wsdl/.
  • 8OASIS. UDDI version 3.0.2 [ S/OL]. (2004- 10- 19 ) [ 2009- 03- 09 ]. http ://www. uddi. org/pubs/uddi_v3, htm.
  • 9DEMCHENKO Y. Grid and Web services security vulnerabilities and threats analysis and model[R]. [ S. l. ] : EGEE, 2005.
  • 10BHALLA N, KAZEROONI S. Web services vulnerabilities:a white paper outlining the application-level threats to Web services[ R]. [ S. l. ] : Security Compass Inc, 2007.

共引文献13

同被引文献15

引证文献2

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部