Razzaq et al., 2014 - Google Patents
Ontology for attack detection: An intelligent approach to web application security
Razzaq et al., 2014
- Document ID
- 12084593432109206822
- Author
- Razzaq A
- Anwar Z
- Ahmad H
- Latif K
- Munir F
- Publication year
- 2014
- Publication venue
- Computers & Security
Snippet
Conventional detection techniques struggle to keep up with the inherent complexity of web application design and hence the ever growing variety of attacks that can exploit it. Security frameworks modeled using an ontological approach are a promising new line of defense …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2101—Auditing as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- G06F21/645—Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
Similar Documents
Publication | Title | Publication Date |
---|---|---|
Razzaq et al. | Ontology for attack detection: An intelligent approach to web application security | |
US20230319090A1 (en) | Consolidating structured and unstructured security and threat intelligence with knowledge graphs | |
US11089040B2 (en) | Cognitive analysis of security data with signal flow-based graph exploration | |
US11194905B2 (en) | Affectedness scoring engine for cyber threat intelligence services | |
US10958672B2 (en) | Cognitive offense analysis using contextual data and knowledge graphs | |
US10313382B2 (en) | System and method for visualizing and analyzing cyber-attacks using a graph model | |
US10313365B2 (en) | Cognitive offense analysis using enriched graphs | |
Sikos | AI in digital forensics: Ontology engineering for cybercrime investigations | |
JP2023506168A (en) | Automatic semantic modeling of system events | |
US10686830B2 (en) | Corroborating threat assertions by consolidating security and threat intelligence with kinetics data | |
Tayouri et al. | A survey of MulVAL extensions and their attack scenarios coverage | |
Aviad et al. | The semantic approach to cyber security. Towards ontology based body of knowledge | |
Hussain et al. | Mitigating Software Vulnerabilities through Secure Software Development with a Policy‐Driven Waterfall Model | |
Aliero et al. | Detection of structure query language injection vulnerability in web driven database application | |
Gonzalez Granadillo et al. | An ontology-driven approach to model SIEM information and operations using the SWRL formalism | |
Fredj | Spheres: an efficient server-side web application protection system | |
Dritsas et al. | A knowledge-based approach to security requirements for e-health applications | |
Zhu et al. | A model-based aspect-oriented framework for building intrusion-aware software systems | |
Ouchani et al. | Generating attacks in SysML activity diagrams by detecting attack surfaces | |
Karande et al. | Ontology based intrusion detection system for web application security | |
Zhu | Attack Pattern Ontology: A Common Language for Cyber-Security Information Sharing | |
Mavroeidis | Towards automated threat-informed cyberspace defense | |
Acosta et al. | Automatic data generation and rule creation for network scanning tools | |
Tasios | Design & development of a cybersecurity tool for attack surface discovery with automated target-network reconnaissance | |
Chase | Cyber Threat Prediction using Experience Sharing Models and Ensemble Learning Algorithms |