A distributed intrusion detection approach for secure software architecture.

Inverardi, Paola and Mostarda, Leonardo (2005) A distributed intrusion detection approach for secure software architecture. Lecture Notes in Computer Science, 3527 . pp. 168-184. ISSN 0302-9743

Full text is not in this repository.

Official URL: http://www.springerlink.com/content/megff5hahrkb7v...



This paper illustrates an approach for adding security policies to a component-based system. We consider applications built from black-box components, where each component can run concurrently in a different domain. The problem we address is detecting at run time that a component might start interacting with the other components in an anomalous way, trying to subvert the application. This problem cannot be identified statically, because a component can be modified for malicious purposes at run time once it is deployed. We propose a specification-based approach to detect intrusions at the architectural level. The approach is decentralized: given a global policy for the whole system, i.e. a set of admissible behaviors, we automatically generate a monitoring filter for each component that looks at local information of interest. The filters then communicate with each other to validate the global policy cooperatively. Compared with centralized monitors, this approach increases performance, security and reliability, and allows the supervision of complex applications where no centralized point of information flow exists or can be introduced.

Item Type: Article

Additional Information: Conference details: Software Architecture: 2nd European Workshop, EWSA 2005. Held in Pisa, Italy, June 13-14, 2005.

Research Areas:
A. > School of Science and Technology > Computer and Communications Engineering
A. > School of Science and Technology > Computer Science > SensoLab group
A. > School of Science and Technology > Computer Science > Intelligent Environments group

Citations on ISI Web of Science: 3
ID Code: 7378
Deposited On: 30 Mar 2011 14:06
Last Modified: 23 Mar 2015 17:27
