Planning, Petri Nets, and Intrusion Detection - PowerPoint PPT Presentation

1
Planning, Petri Nets, and Intrusion Detection
  • Yuan Ho, Deborah Frincke, Donald Tobin
  • 1998

2
Abstract
  • A new intrusion detection architecture
  • partial order planning
  • executable Petri Nets
  • POSTAT
  • Partial Order State Transition Analysis Technique
  • allow unordered events in the action scenario

3
Introduction

4
Partial Order State Transition Analysis
  • State transition
  • considers a penetration to be a sequence of
    signature actions performed by an attacker
  • from some initial state to a target compromised
    state

5
Partial Order State Transition Analysis
  • partial order of events
  • some events are ordered
  • others are unordered
  • A partial order state transition analysis allows
    more than one sequence of events in the state
    transition diagram.
  • modular

6
Partial Order State Transition Analysis

7
Partial Order State Transition Analysis

8
Partial Order State Transition Analysis

9
Handling Anomaly Detection
  • A typical profile might include the following
    components
  • whenever the subject initiates an action on some
    object
  • e_pattern: error conditions
  • r_pattern: resource usage
  • t_pattern: time duration
  • ex

10
Handling Anomaly Detection

11
Handling Anomaly Detection

12
Intrusion Scenario Construction
  • A plan is formally defined as
  • a set of plan steps
  • a set of ordering constraints
  • means Si before Sj
  • a set of variable binding constraints
  • a set of causal links
  • means Si achieves c for Sj

13
Intrusion Scenario Construction
  • Assuming an intrusion scenario is composed of k
    signature actions.

14
The Role of Petri Nets
  • The authors have successfully used Petri Nets to
    model sample scenarios from each of Kumar's five
    violation categories.
  • Existence: the fact that something exists
    is a violation of security policy.

15
  • Sequence: the fact that several things happen
    in strict sequence
  • Duration: something existed or happened for no
    more than or not less than a certain interval of
    time

16
  • Partial order: several events are defined in a
    partial order
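
An added example (not from the presentation and not POSTAT's own code): a small executable Petri net in Python that matches a scenario in which two signature actions are unordered but both must precede a third. The event labels A, B, C, the place names and the `detect` helper are constructed for illustration.

```python
from collections import Counter

class PetriNet:
    def __init__(self, marking, transitions, target):
        # transitions: (event_label, input_places, output_places)
        self.initial = Counter(marking)
        self.transitions = transitions
        self.target = target
        self.reset()

    def reset(self):
        self.marking = Counter(self.initial)

    def enabled(self, inputs):
        return all(self.marking[p] >= n for p, n in Counter(inputs).items())

    def feed(self, event):
        """Fire the first enabled transition labelled `event`.
        Events matching no enabled transition are ignored (assumption:
        unrelated audit records may be interleaved with the scenario)."""
        for label, inputs, outputs in self.transitions:
            if label == event and self.enabled(inputs):
                self.marking.subtract(Counter(inputs))
                self.marking.update(outputs)
                return True
        return False

    def compromised(self):
        return self.marking[self.target] > 0

def detect(net, audit_stream):
    """Index of the event that reaches the compromised place, else None."""
    net.reset()
    for i, event in enumerate(audit_stream):
        net.feed(event)
        if net.compromised():
            return i
    return None

# Constructed scenario: A and B are unordered, both must precede C.
SCENARIO = PetriNet(
    marking=["p_a", "p_b"],
    transitions=[
        ("A", ["p_a"], ["a_done"]),
        ("B", ["p_b"], ["b_done"]),
        ("C", ["a_done", "b_done"], ["compromised"]),  # join of both branches
    ],
    target="compromised",
)
```

Both `A, B, C` and `B, A, C` reach the compromised place, while a `C` seen before both branches complete does not fire, which is the behaviour a strictly sequential state transition diagram cannot express with a single path.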

17
Conclusion
  • The most challenging task in this state
    transition approach is
  • how to give a complete definition of the state
    assertions for all known compromised states
  • how to define all the signature actions