Quality of Detectability (QoD) and QoD-aware AAT-based attack detection

Jie Wang; Raphael C.W. Phan; John N. Whitley; David J. Parish

Quality of Detectability (QoD) and QoD-aware AAT-based attack detection

Jie Wang, Raphael C.W. Phan, John N. Whitley, David J. Parish

Malaysia Sch of Information Technology

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

1 Citation (Scopus)

Abstract

Network attacks occur in high proportion on the internet, thus aside from security as a means of defense there is a need for being able to detect attacks as they occur so that measures can be put in place to tackle them. For this, an intrusion detection system (DS) is required that has good quality of detection capability. We propose Quality of Detectability (QoD) as a kind of Quality of Service (QoS)-like detection quality mechanism. Two major contributions are given in this paper: (1) the notion of QoD to measure the attack detection capability; (2) an extended Augmented Attack Tree (AAT) and corresponding intrusion detection algorithm with QoD capabilities.

Original language	English
Title of host publication	2010 International Conference for Internet Technology and Secured Transactions, ICITST 2010
Publication status	Published - 2010
Event	International Conference for Internet Technology and Secured Transactions (ICITST) 2010 - London, United Kingdom Duration: 8 Nov 2010 → 11 Nov 2010 Conference number: 5th https://ieeexplore.ieee.org/xpl/conhome/5672505/proceeding (Proceedings)

Conference

Conference	International Conference for Internet Technology and Secured Transactions (ICITST) 2010
Abbreviated title	ICITST 2010
Country/Territory	United Kingdom
City	London
Period	8/11/10 → 11/11/10
Internet address	https://ieeexplore.ieee.org/xpl/conhome/5672505/proceeding (Proceedings)

Cite this

@inproceedings{f2eca70271a042e2a4f8cb4461fe9c03,

title = "Quality of Detectability (QoD) and QoD-aware AAT-based attack detection",

abstract = "Network attacks occur in high proportion on the internet, thus aside from security as a means of defense there is a need for being able to detect attacks as they occur so that measures can be put in place to tackle them. For this, an intrusion detection system (DS) is required that has good quality of detection capability. We propose Quality of Detectability (QoD) as a kind of Quality of Service (QoS)-like detection quality mechanism. Two major contributions are given in this paper: (1) the notion of QoD to measure the attack detection capability; (2) an extended Augmented Attack Tree (AAT) and corresponding intrusion detection algorithm with QoD capabilities.",

author = "Jie Wang and Phan, \{Raphael C.W.\} and Whitley, \{John N.\} and Parish, \{David J.\}",

note = "Copyright: Copyright 2011 Elsevier B.V., All rights reserved.; International Conference for Internet Technology and Secured Transactions (ICITST) 2010, ICITST 2010 ; Conference date: 08-11-2010 Through 11-11-2010",

year = "2010",

language = "English",

isbn = "9781424488629",

booktitle = "2010 International Conference for Internet Technology and Secured Transactions, ICITST 2010",

url = "https://ieeexplore.ieee.org/xpl/conhome/5672505/proceeding",

}

TY - GEN

T1 - Quality of Detectability (QoD) and QoD-aware AAT-based attack detection

AU - Wang, Jie

AU - Phan, Raphael C.W.

AU - Whitley, John N.

AU - Parish, David J.

N1 - Conference code: 5th

PY - 2010

Y1 - 2010

N2 - Network attacks occur in high proportion on the internet, thus aside from security as a means of defense there is a need for being able to detect attacks as they occur so that measures can be put in place to tackle them. For this, an intrusion detection system (DS) is required that has good quality of detection capability. We propose Quality of Detectability (QoD) as a kind of Quality of Service (QoS)-like detection quality mechanism. Two major contributions are given in this paper: (1) the notion of QoD to measure the attack detection capability; (2) an extended Augmented Attack Tree (AAT) and corresponding intrusion detection algorithm with QoD capabilities.

AB - Network attacks occur in high proportion on the internet, thus aside from security as a means of defense there is a need for being able to detect attacks as they occur so that measures can be put in place to tackle them. For this, an intrusion detection system (DS) is required that has good quality of detection capability. We propose Quality of Detectability (QoD) as a kind of Quality of Service (QoS)-like detection quality mechanism. Two major contributions are given in this paper: (1) the notion of QoD to measure the attack detection capability; (2) an extended Augmented Attack Tree (AAT) and corresponding intrusion detection algorithm with QoD capabilities.

UR - https://www.scopus.com/pages/publications/79951480757

M3 - Conference Paper

AN - SCOPUS:79951480757

SN - 9781424488629

BT - 2010 International Conference for Internet Technology and Secured Transactions, ICITST 2010

T2 - International Conference for Internet Technology and Secured Transactions (ICITST) 2010

Y2 - 8 November 2010 through 11 November 2010

ER -

Quality of Detectability (QoD) and QoD-aware AAT-based attack detection

Abstract

Conference

Other files and links

Cite this