A Formal Model for Attack Mutation Using Dynamic Description Logics - Intelligent Information Processing VII (IIP 2014) Access content directly
Conference Papers Year : 2014

A Formal Model for Attack Mutation Using Dynamic Description Logics


All currently available Network-based Intrusion Detection Systems (NIDS) rely upon passive protocol analysis which is fundamentally flawed as an attack can evade detection by exploiting ambiguities in the traffic stream as seen by the NIDS. We observe that different attack variations can be derived from the original attack using simple transformations. This paper proposes a semantic model for attack mutation based on dynamic description logics (DDL(X)), extensions of description logics (DLs) with a dynamic dimension, and explores the possibility of using DDL(X) as a basis for evasion composition. The attack mutation model describes all the possible transformations and how they can be applied to the original attack to generate a large number of attack variations. Furthermore, this paper presents a heuristics planning algorithm for the automation of evasion composition at the functional level based on DDL(X). Our approach employs classical DL-TBoxes to capture the constraints of the domain, DL-ABoxes to present the attack, and DL-formulas to encode the objective sequence of packets respectively. In such a way, the evasion composition problem is solved by a decidable tableau procedure. The preliminary results certify the potential of the approach.
Fichier principal
Vignette du fichier
978-3-662-44980-6_34_Chapter.pdf (196.29 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Dates and versions

hal-01383345 , version 1 (18-10-2016)





Zhuxiao Wang, Jing Guo, Jin Shi, Hui He, Ying Zhang, et al.. A Formal Model for Attack Mutation Using Dynamic Description Logics. 8th International Conference on Intelligent Information Processing (IIP), Oct 2014, Hangzhou, China. pp.303-311, ⟨10.1007/978-3-662-44980-6_34⟩. ⟨hal-01383345⟩
326 View
402 Download



Gmail Facebook X LinkedIn More