Abstract
Driven by technical innovation, embedded systems are becoming increasingly interconnected and have to be secured against failures and threats from the outside world. For this purpose, we have defined an integrated model-based development process for security monitors which requires an expressive, formally well-defined, and easy to learn behavioral signature language. In this paper, we demonstrate that Live Sequence Charts (LSCs) are adequate for the specification of behavioral signatures. To satisfy all requirements and enable compact modeling, we extend LSCs by concepts that fit well to the spirit of LSCs.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Damm, W., Harel, D.: LSCs: Breathing Life into Message Sequence Charts. Formal Methods in System Design 19(1), 45–80 (2001)
Giarratano, J., Riley, G.: Expert Systems: Principles and Programming, 3rd edn. Course Technology (1998)
Groll, A., Ruland, C.: Secure and Authentic Communication on Existing In-Vehicle Networks. In: Proc. of IEEE IV 2009, pp. 1093–1097 (2009)
Harel, D., Maoz, S., Segall, I.: Some Results on the Expressive Power and Complexity of LSCs. In: Avron, A., Dershowitz, N., Rabinovich, A. (eds.) Pillars of Computer Science. LNCS, vol. 4800, pp. 351–366. Springer, Heidelberg (2008)
Hussein, M., Zulkernine, M.: UMLintr: A UML Profile for Specifying Intrusions. In: 13th Annual IEEE International Symposium and Workshop on Engineering of Computer Based Systems, ECBS 2006, pp. 8–288. IEEE, Los Alamitos (2006)
Jürjens, J.: UMLsec: Extending UML for Secure Systems Development. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 412–425. Springer, Heidelberg (2002)
Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., et al.: Experimental Security Analysis of a Modern Automobile. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 447–462. IEEE, Los Alamitos (2010)
Kumar, S.: Classification and Detection of Computer Intrusions. Ph.D. thesis, Purdue University (1995)
Lindqvist, U., Porras, P.: Detecting Computer and Network Misuse through the Production-based Expert System Toolset (P-BEST). In: Proceedings of the 1999 IEEE Symposium on Security and Privacy, 1999, pp. 146–161. IEEE, Los Alamitos (2002)
Lodderstedt, T., Basin, D., Doser, J.: SecureUML: A UML-Based Modeling Language for Model-Driven Security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426–441. Springer, Heidelberg (2002)
Massacci, F., Naliuka, K.: Towards Practical Security Monitors of UML Policies for Mobile Applications. In: Proc. of IEEE POLICY 2007, pp. 278 (2007)
Papadimitratos, P., Buttyan, L., et al.: Secure Vehicular Communication Systems: Design and Architecture. IEEE Commun. Mag. 46(11), 100–109 (2008)
Patzina, L., Patzina, S., Piper, T., Schürr, A.: Monitor Petri Nets for Security Monitoring. In: Proc. of S&D4RCES (2010)
Schmerl, S.: Entwurf und Entwicklung einer effizienten Analyseeinheit für Intrusion-Detection-Systeme. Diplomarbeit, Lehrstuhl Rechnernetze, BTU Cottbus (2004)
Sindre, G., Opdahl, A.L.: Capturing Security Requirments through Misuse Cases. In: NIK 2001 (2001), http://www.nik.no/2001
Sloman, M., Lupu, E.: Security and Management Policy Specification. IEEE Network 16(2), 10–19 (2002)
Smith, S., Beaulieu, A., Phillips, W.G.: Modeling Security Protocols Using UML 2. In: Workshop – Modeling Security 2008 (2008)
Solhaug, B., Elgesem, D., et al.: Specifying Policies Using UML Sequence Diagrams–An Evaluation Based on a Case Study. In: Proc. of IEEE POLICY 2007, pp. 19–28 (2007)
Vigna, G., Eckmann, S., Kemmerer, R.: The STAT Tool Suite. In: Proc. of DISCEX 2000, DARPA Information Survivability Conference and Exposition, 2000, vol. 2, pp. 46–55. IEEE, Los Alamitos (2002)
Westphal, B., Toben, T.: The Good, the Bad and the Ugly: Well-Formedness of Live Sequence Charts. In: Baresi, L., Heckel, R. (eds.) FASE 2006. LNCS, vol. 3922, pp. 230–246. Springer, Heidelberg (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 IFIP International Federation for Information Processing
About this paper
Cite this paper
Patzina, S., Patzina, L., Schürr, A. (2011). Extending LSCs for Behavioral Signature Modeling. In: Camenisch, J., Fischer-Hübner, S., Murayama, Y., Portmann, A., Rieder, C. (eds) Future Challenges in Security and Privacy for Academia and Industry. SEC 2011. IFIP Advances in Information and Communication Technology, vol 354. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21424-0_24
Download citation
DOI: https://doi.org/10.1007/978-3-642-21424-0_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-21423-3
Online ISBN: 978-3-642-21424-0
eBook Packages: Computer ScienceComputer Science (R0)