SECURITY POLICY INSTANTIATION TO REACT TO NETWORK ATTACKS - An Ontology-based Approach using OWL and SWRL

Jorge E. López de Vergara; Enrique Vázquez; Javier Guerra

doi:10.5220/0001929300780083

SECURITY POLICY INSTANTIATION TO REACT TO NETWORK ATTACKS - An Ontology-based Approach using OWL and SWRL

Jorge E. López de Vergara, Enrique Vázquez, Javier Guerra

2008

Abstract

A quick and efficient reaction to an attack is important to address the evolution of security incidents in current communication networks. The ReD (Reaction after Detection) project’s aim is to design solutions that enhance the detection/reaction security process. This will improve the overall resilience of IP networks to attacks, helping telecommunication and service providers to maintain sufficient quality of service to comply with service level agreements. A main component within this project is in charge of instantiating new security policies that counteract the network attacks. This paper proposes an ontology-based methodology for the instantiation of these security policies. This approach provides a way to map alerts into attack contexts, which are later used to identify the policies to be applied in the network to solve the threat. For this, ontologies to describe alerts and policies are defined, using inference rules to perform such mappings.

Download

Paper Citation

in Harvard Style

E. López de Vergara J., Vázquez E. and Guerra J. (2008). SECURITY POLICY INSTANTIATION TO REACT TO NETWORK ATTACKS - An Ontology-based Approach using OWL and SWRL . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008) ISBN 978-989-8111-59-3, pages 78-83. DOI: 10.5220/0001929300780083

in Bibtex Style

@conference{secrypt08,
author={Jorge E. López de Vergara and Enrique Vázquez and Javier Guerra},
title={SECURITY POLICY INSTANTIATION TO REACT TO NETWORK ATTACKS - An Ontology-based Approach using OWL and SWRL},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008)},
year={2008},
pages={78-83},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001929300780083},
isbn={978-989-8111-59-3},
}

in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008)
TI - SECURITY POLICY INSTANTIATION TO REACT TO NETWORK ATTACKS - An Ontology-based Approach using OWL and SWRL
SN - 978-989-8111-59-3
AU - E. López de Vergara J.
AU - Vázquez E.
AU - Guerra J.
PY - 2008
SP - 78
EP - 83
DO - 10.5220/0001929300780083