Building attack scenario is one of the most important aspects in network security.This paper pro-posed a system which collects intrusion alerts,clusters them as sub-attacks using alerts abstraction,ag-gregates the sim...Building attack scenario is one of the most important aspects in network security.This paper pro-posed a system which collects intrusion alerts,clusters them as sub-attacks using alerts abstraction,ag-gregates the similar sub-attacks,and then correlates and generates correlation graphs.The scenarios wererepresented by alert classes instead of alerts themselves so as to reduce the required rules and have the a-bility of detecting new variations of attacks.The proposed system is capable of passing some of the missedattacks.To evaluate system effectiveness,it was tested with different datasets which contain multi-stepattacks.Compressed and easily understandable Correlation graphs which reflect attack scenarios were gen-erated.The proposed system can correlate related alerts,uncover the attack strategies,and detect newvariations of attacks.展开更多
面向对象所具有的类、封装、继承、动态连接等特性,使得面向对象测试步骤的划分以及测试策略的选择有别于传统的测试思想.本文针对面向对象软件的特点,采用基于模型的软件测试方法,对UML(United Model Language)设计模型中的顺序图添加O...面向对象所具有的类、封装、继承、动态连接等特性,使得面向对象测试步骤的划分以及测试策略的选择有别于传统的测试思想.本文针对面向对象软件的特点,采用基于模型的软件测试方法,对UML(United Model Language)设计模型中的顺序图添加OCL(Object Constraints Language)约束,做类间交互的软件测试.本文提出执行图EG生成算法,将顺序图SD转换为执行图EG,解决UML2.0顺序图新增特性中的alt、loop、opt、break四种常见组合片段及其嵌套和多态性问题;为得到最小完备的测试路径,本文提出了EG的遍历策略和测试路径生成算法;最后,根据测试路径确定测试场景,并删除无效场景,生成测试用例.经实验验证,此方法可以基于UML顺序图与OCL约束进行系统地测试.展开更多
基金the National High Technology Research and Development Programme of China(2006AA01Z452)
文摘Building attack scenario is one of the most important aspects in network security.This paper pro-posed a system which collects intrusion alerts,clusters them as sub-attacks using alerts abstraction,ag-gregates the similar sub-attacks,and then correlates and generates correlation graphs.The scenarios wererepresented by alert classes instead of alerts themselves so as to reduce the required rules and have the a-bility of detecting new variations of attacks.The proposed system is capable of passing some of the missedattacks.To evaluate system effectiveness,it was tested with different datasets which contain multi-stepattacks.Compressed and easily understandable Correlation graphs which reflect attack scenarios were gen-erated.The proposed system can correlate related alerts,uncover the attack strategies,and detect newvariations of attacks.
文摘面向对象所具有的类、封装、继承、动态连接等特性,使得面向对象测试步骤的划分以及测试策略的选择有别于传统的测试思想.本文针对面向对象软件的特点,采用基于模型的软件测试方法,对UML(United Model Language)设计模型中的顺序图添加OCL(Object Constraints Language)约束,做类间交互的软件测试.本文提出执行图EG生成算法,将顺序图SD转换为执行图EG,解决UML2.0顺序图新增特性中的alt、loop、opt、break四种常见组合片段及其嵌套和多态性问题;为得到最小完备的测试路径,本文提出了EG的遍历策略和测试路径生成算法;最后,根据测试路径确定测试场景,并删除无效场景,生成测试用例.经实验验证,此方法可以基于UML顺序图与OCL约束进行系统地测试.