
Ontological Representation of Networks for IDS in Cyber-Physical Systems

  • Conference paper
Analysis of Images, Social Networks and Texts (AIST 2015)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 542))

Abstract

Cyber-Physical Systems (CPSs) combine information and communication technologies with means of controlling physical objects. Modern infrastructure objects such as electrical grids, smart cities, etc. are complex CPSs consisting of multiple interconnected software and hardware complexes. The software they contain requires development and support and, if updates are terminated, can become a target for malicious attacks. To prevent intrusion into the networks of cyber-physical objects, one can use Intrusion Detection Systems (IDSs), which are widely used in existing non-cyber-physical networks. CPSs are characterized by formalization and determinacy, which makes it possible to apply a specification-based approach to IDS development.

This paper is devoted to IDS development using an ontology-based representation of networks. This representation allows the IDS to be implemented both at the software level, by comparing the movement of network traffic with its model, and at the physical level, by controlling the connections of network devices. The ontological representation provides a model of the network, which is used to create specifications for the IDS.

Notes

  1. http://suricata-ids.org.

  2. A detailed description of the ontology, examples, network graphical representation, etc. is presented on project website http://github.com/Ksys-labs/fdnet.

Author information

Correspondence to Vasily A. Sartakov.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Sartakov, V.A. (2015). Ontological Representation of Networks for IDS in Cyber-Physical Systems. In: Khachay, M., Konstantinova, N., Panchenko, A., Ignatov, D., Labunets, V. (eds) Analysis of Images, Social Networks and Texts. AIST 2015. Communications in Computer and Information Science, vol 542. Springer, Cham. https://doi.org/10.1007/978-3-319-26123-2_40

  • DOI: https://doi.org/10.1007/978-3-319-26123-2_40

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-26122-5

  • Online ISBN: 978-3-319-26123-2

  • eBook Packages: Computer Science (R0)
