Journal of Computer Applications ›› 2011, Vol. 31 ›› Issue (06): 1515-1520. DOI: 10.3724/SP.J.1087.2011.01515
• Information security •
CHEN Jun, WU Lifa, XU Guanghui, HE Zhengqiu, HUANG Kangyu
Abstract: Web services greatly facilitate application-to-application integration across heterogeneous platforms, but their core components face the threat of malicious attacks. Currently, Intrusion Detection Systems (IDSs) are usually relied on to detect these attacks. However, the IDSs distributed throughout a network may be developed by different vendors, and they share no commonly understood vocabulary. As a result, these IDSs cannot easily cooperate to defend against multi-phased and distributed attacks. This paper presents a new method, based on ontology and the Web Ontology Language (OWL), for classifying and describing Web services attacks. Constructing a Web services attack ontology provides a common vocabulary that different IDSs can all understand. On this basis, an intrusion detection system built on the Web services attack ontology (called O-IDS) is also presented, which can effectively overcome this shortcoming of existing IDSs and enhance the ability to detect multi-phased and distributed attacks.
Key words: Web Services, attack, Intrusion Detection System (IDS), ontology
CLC Number: TP393.08
CHEN Jun, WU Lifa, XU Guanghui, HE Zhengqiu, HUANG Kangyu. Research of Web Services attack detection based on ontology[J]. Journal of Computer Applications, 2011, 31(06): 1515-1520.
URL: http://www.joca.cn/EN/10.3724/SP.J.1087.2011.01515
http://www.joca.cn/EN/Y2011/V31/I06/1515