Abstract
Web services greatly facilitate application-to-application integration across heterogeneous platforms, but their core components also face the threat of malicious attacks. Currently, intrusion detection systems (IDSs) are the main means of detecting these attacks. However, the IDSs distributed throughout a network are often developed by different vendors or organizations and have no commonly understood vocabulary for exchanging knowledge, so they are hard to make interact and cooperate, work inefficiently, and struggle to withstand multi-phase, distributed attacks. This paper presents a method based on ontology and the Web Ontology Language (OWL) for classifying and describing Web services attacks. By constructing a Web services attack ontology, it provides a vocabulary that different IDSs can understand in common. On this basis, an intrusion detection system built on the Web services attack ontology library (called O-IDS) is designed, which can effectively overcome the difficulty existing IDSs have in interacting and improve the ability to detect multi-phase, distributed attacks.
Source
Journal of Computer Applications (《计算机应用》)
CSCD
PKU Core (北大核心)
2011, No. 6, pp. 1515-1520 (6 pages)
Funding
Supported by the Natural Science Foundation of Jiangsu Province (BK2010132)
Keywords
Web Services
attack
Intrusion Detection System (IDS)
ontology