• JoomlaWorks Simple Image Rotator
  • JoomlaWorks Simple Image Rotator
  • JoomlaWorks Simple Image Rotator
  • JoomlaWorks Simple Image Rotator
  • JoomlaWorks Simple Image Rotator
  • JoomlaWorks Simple Image Rotator
  • JoomlaWorks Simple Image Rotator
  • JoomlaWorks Simple Image Rotator
  • JoomlaWorks Simple Image Rotator
  • JoomlaWorks Simple Image Rotator
 
  Bookmark and Share
 
 
Master's Dissertation
DOI
https://doi.org/10.11606/D.55.2004.tde-05122014-161212
Document
Author
Full name
Antonio José dos Santos Brandão
Institute/School/College
Knowledge Area
Date of Defense
Published
São Carlos, 2004
Supervisor
Committee
Moreira, Edson dos Santos (President)
Batista Neto, João do Espírito Santo
Fernandes, Clovis Torres
Title in Portuguese
Uso de ontologia para classificação de vulnerabilidades em sistemas computacionais
Keywords in Portuguese
Não disponível
Abstract in Portuguese
Com o aumento da complexidade dos sistemas computacionais, fez-se necessária a utilização de diversas ferramentas para simplificar o processo de detecção de intrusão e de manutenção da segurança. A grande maioria dessas ferramentas baseia-se na geração de mensagens, denominadas alertas, que informam ao administrador sobre eventos ocorridos. Atualmente, não há uma classificação que permita interoperabilidade semântica dos alertas gerados pelas diferentes aplicações, fato que motivou este trabalho de mestrado, que visa estudar e propor o uso de uma ontologia para classificar vulnerabilidades de segurança. A partir dessa motivação, foram iniciados estudos para a modelagem de uma ontologia de vulnerabilidades, especificando suas classes, atributos e relacionamentos. A ontologia proposta foi implementada utilizando a linguagem OWL e as informações catalogadas pelo projeto CVE [Common Vulnerabilities and Exposures). Diversas vulnerabilidades foram classificadas e foram efetuados testes usando a linguagem RDQL, os quais permitiram comprovar a viabilidade na extração de informações da ontologia.
Title in English
Using ontologies for classifying vulnerabilities in computing systems
Keywords in English
Not available
Abstract in English
Computational systems have become complex therefore usually the use of diverse tools is necessary to ease the task of intruders' detection and security maintenance. The most tools are based in messages generation, called alerts, that inform administrators about occurred events. Currendy, that's no classification that permit the correlation of alerts generated from different applications, fact that modvated this work, that aims to study and to consider the use of ontology to classify computer vulnerabilities. The modeling of an ontology of vulnerabilities was done, with the specificadon of its classes, properties and relationships. The ontology was implemented using the OWL language and the database from CVE (Common Vulnerabilities and Exposures) project was used as source of information on vulnerabilities. Vulnerabilities have been classified in the ontology and some tests had been done using the RDQL language to ensure the viability to extract information from the ontology.
 
WARNING - Viewing this document is conditioned on your acceptance of the following terms of use:
This document is only for private use for research and teaching activities. Reproduction for commercial use is forbidden. This rights cover the whole data about this document as well as its contents. Any uses or copies of this document in whole or in part must include the author's name.
Publishing Date
2014-12-05
 
WARNING: Learn what derived works are clicking here.
All rights of the thesis/dissertation are from the authors
CeTI-SC/STI
Digital Library of Theses and Dissertations of USP. Copyright © 2001-2024. All rights reserved.