By Topic

Towards Incorporating Discrete-Event Systems in Secure Software Development

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Whittaker, S.-J. ; Sch. of Comput., Queen''s Univ., Kingston, ON ; Zulkernine, M. ; Rudie, K.

When designers and developers create software they often overlook issues related to security. Ideally, protection of the program from illegal usage would be considered at each stage of this program's life cycle. The proposition put forward here is to augment intrusion detection systems (IDSs) and employ them as a tool to support secure software development. Many state-based intrusion detection methods share structural and behavioural similarities with the set of processes known as discrete-event systems (DESs). A common structure for modelling DESs is the deterministic finite-state automaton. There exist several compatible anomaly detection techniques which construct finite- state machine models of normal behaviour through the decomposition of associated data (e.g., system calls, HTTP requests) into sequences of events. This paper proposes the application of decentralized DES theory to formally analyze and enhance these approaches to anomaly detection with misuse prevention. Models of misuse attacks are generated in the same manner as the legal usage representation, then augmented and integrated into the program model to prevent the execution of malicious sequences. The technique described herein simultaneously uses anomaly and misuse approaches to prevent and disable attacks before their completion.

Published in:

Availability, Reliability and Security, 2008. ARES 08. Third International Conference on

Date of Conference:

4-7 March 2008