A Software Fault Tree Approach to Requirements Analysis of an Intrusion Detection System |
| |
Authors: | Guy Helmer Johnny Wong Mark Slagell Vasant Honavar Les Miller Robyn Lutz |
| |
Affiliation: | (1) Department of Computer Science, Iowa State University, Ames, Iowa, USA, US |
| |
Abstract: | Requirements analysis for an intrusion detection system (IDS) involves deriving requirements for the IDS from analysis of
the intrusion domain. When the IDS is, as here, a collection of mobile agents that detect, classify, and correlate system
and network activities, the derived requirements include what activities the agent software should monitor, what intrusion
characteristics the agents should correlate, where the IDS agents should be placed to feasibly detect the intrusions, and
what countermeasures the software should initiate. This paper describes the use of software fault trees for requirements identification
and analysis in an IDS. Intrusions are divided into seven stages (following Ruiu), and a fault subtree is developed to model
each of the seven stages (reconnaissance, penetration, etc.). Two examples are provided. This approach was found to support
requirements evolution (as new intrusions were identified), incremental development of the IDS, and prioritisation of countermeasures.
Correspondence and offprint requests to: G. Helmer, Department of Computer Science, 226 Atanasoff Hall, Iowa State University, Ames, Iowa 50011, USA. Email: ghelmer@cs.iastate.edu |
| |
Keywords: | :Coloured Petri nets – Intrusion detection system – Mobile agents – Requirements analysis – Software fault tree |
本文献已被 SpringerLink 等数据库收录! |
|