Abstract
The integration of security services is an important solution to combat anomalies and attacks on computer systems, on the assumption that the possible difficulties of one security service may be compensated for by others. Current work that aims to integrate two or more security services usually focuses on a particular implementation strategy, because a systematic approach to integrated security systems requires the analysis of relations between security data. In our work, we proposed and developed a Security Services Integrated Layer (SSIL), consisting of an organization pattern of information security, as well as behavioral models to analyze the occurrence of identified abnormalities. The Hidden Markov Model and the proposed solutions, such as subHMM and the Sequential Model, allowed the integration of security services based on behavior. In this article we highlight the anomaly detection rates and present a critical analysis of the results.
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Pereira, F.D., Moreno, E.D. (2010). Performance Issues on Integration of Security Services. In: Gavrilova, M.L., Tan, C.J.K., Moreno, E.D. (eds) Transactions on Computational Science XI. Lecture Notes in Computer Science, vol 6480. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17697-5_8
DOI: https://doi.org/10.1007/978-3-642-17697-5_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17696-8
Online ISBN: 978-3-642-17697-5
eBook Packages: Computer Science (R0)