Remember Me
Or use your Academic/Social account:


Or use your Academic/Social account:


You have just completed your registration at OpenAire.

Before you can login to the site, you will need to activate your account. An e-mail will be sent to you with the proper instructions.


Please note that this site is currently undergoing Beta testing.
Any new content you create is not guaranteed to be present to the final version of the site upon release.

Thank you for your patience,
OpenAire Dev Team.

Close This Message


Verify Password:
Verify E-mail:
*All Fields Are Required.
Please Verify You Are Human:
fbtwitterlinkedinvimeoflicker grey 14rssslideshare1
Amálio, N.; Spanoudakis, G. (2008)
Publisher: IEEE Computer Society
Languages: English
Types: Article
Subjects: QA75

Classified by OpenAIRE into

arxiv: Computer Science::Cryptography and Security
This paper presents our pattern-based approach to run-time requirements monitoring and threat detection being developed as part of an approach to build frameworks supporting the construction of secure and dependable systems for ambient intelligence. Our patterns infra-structure is based on templates. From templates we generate event-calculus formulas expressing security requirements to monitor at run-time. From these theories we generate attack signatures, describing threats or possible attacks to the system. At run-time, we evaluate the likelihood of threats from run-time observations using a probabilistic model based on Bayesian networks.
  • The results below are discovered through our pilot algorithms. Let us know how we are doing!

    • [1] Weiser, M., The Computer for the 21st Century.
    • Scientific American, 265(3). 1991.
    • [2] Sánchez-Cid, F., et al. Software Engineering Techniques Applied to AmI: Security Patterns.
    • In Developing Ambient Intelligence. 108--123.
    • Springer. 2006 [3] Verbauwhede, I., et al., Security for Ambient Intelligent Systems. In Ambient Intelligence, W.
    • 2005, Springer. p. 199-221.
    • [4] Spanoudakis, G. and K. Mahbub, Non Intrusive monitoring of service based systems. Journal of [20] [21] Cooperative Information Systems, 15(3): 325- 358. 2006.
    • Kloukinas, C. and G. Spanoudakis. A patterndriven framework for Monitoring Security and Dependability. In TrustBus'07. 210--218.
    • Springer. 2007 Spanoudakis, G., C. Kloukinas, and K. Androutsopoulos. Towards security monitoring patterns. In SAC '07: ACM symposium on Applied computing. 1518--1525. ACM. 2007 Shanahan, M. The Event Calculus Explained. In Artificial Intelligence Today: Recent Trends and Developments. Springer. Lecture Notes in Computer Science. 1999 Amálio, N., S. Stepney, and F. Polack. A formal template language enabling meta-proof. In FM 2006. 252-267. LNCS, Springer. LNCS. 2006 Amálio, N., Generative frameworks for rigorous model-driven development. PhD Thesis. Dept Computer Science, Univ of York. 2007.
    • Campadello, S., et al. S&D Requirements specification. SERENITY PROJECT, SERENITY Deliverable, A7.D2.1 Denning, D.E. and P.J. Denning, Data Security.
    • ACM Comput. Surv., 11(3): 227-249. 1979.
    • 2005, Springer.
    • IEEE Transations on Software Engineering, 13(2): 222-232. 1987.
    • 2004: Microsoft Press.
    • Eshghi, K. Abductive planning with Event Calculus. In 5th International Conference on Logic Programming. 562--579. MIT Press. 1988 Levesque, H.J. What is planning in the presence of sensing. In National Conference on Artificial intelligence (AAAI'96). 1139--1146. 1996 Pearl, J., Probabilistic reasoning in intelligent systems : networks of plausible inference. 1988: Morgan Kaufmann.
    • Console, P., L.a. Terenziani, and D.T. Dupre, Local reasoning and knowledge compilation for efficient temporal abduction. IEEE Transactions on Knowledge and Data Engineering, 14(6): 1230 -1248. 2002.
    • Niculescu, R.S., T.M. Mitchell, and R.B. Rao, Bayesian Network Learning with Parameter Constraints. J. Mach. Learn. Res., 7: 1357- 1383. 2006.
    • Cheng, B.H.C., et al. Using Security Patterns to Model and analyze security requirements. In Requirements for high-assurance systems workshop (RHAS'03). 2003 Cuppens, F. and A. Miège. Modelling Contexts in the Or-BAC Model. In 19th Annual Computer Security Applications Conference (ACSAC '03).
    • 2003 Kalam, A.A.E., et al. Organization Based Access Control. In 4th IEEE International Workshop on Policies for Distributed Systems and Networks (Policy'03). 2003 Ko, C., M. Ruschitzka, and K. Levitt. Execution monitoring of security-critical programs in distributed systems: a Specification-based approach. In SP '97: IEEE Symposium on Security and Privacy. 175-187. 1997 Chari, S.N. and P.-C. Cheng, Bluebox: a policydriven, host-based intrusion detection system.
    • ACM Trans. Inf. Syst. Secur., 6(2): 173-200.
    • Ilgun, K., R.A. Kemmerer, and P.A. Porras, State transition analysis : a rule-based intrusion detection system. IEEE Trans. Software Eng., 21(3): 191-199. 1995.
    • Kumar, S. and E.H. Spafford. A Pattern Matching Model for Misuse Intrusion Detection. In 17th National Computer Security Conference.
    • 11-21. 1994 Valdes, A. and K. Skinner. Adaptive, Modelbased Monitoring for Cyber Attack Detection. In Recent Advances in Intrusion Detection (RAID 2000). 80-92. Springer. LNCS. 2000 Lamsweerde, A.v., et al. From system goals to intruder Anti-goals: attack generation and resolution for security requirements engineering. In Requirements for high-assurance systems workshop (RHAS'03). 2003
  • No related research data.
  • No similar publications.

Share - Bookmark

Cite this article