Presentation is loading. Please wait.

Presentation is loading. Please wait.

KB-IDS Application Design Document1 KB-IDS – Application Design Document Knowledge-based Temporal Abstraction Host- based Intrusion Detection System for.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "KB-IDS Application Design Document1 KB-IDS – Application Design Document Knowledge-based Temporal Abstraction Host- based Intrusion Detection System for."— Presentation transcript:

1 KB-IDS Application Design Document1 KB-IDS – Application Design Document Knowledge-based Temporal Abstraction Host- based Intrusion Detection System for Android Version 1.0Team members: Uri Kanonov, Elad Ankry, Eliya Rahamim May 18 th 2009Academic Advisor: Dr. Yuval Elovici Technical Advisor: Asaf Shabtai

2 Overview  Detailed system architecture  Brief overview of the system requirements  Main classes – Agent  Overview of the KBTA algorithm  Main classes – KBTA Processor  Overview of User Interface  Tasks List  Questions? KB-IDS Application Design Document2

3 Global architecture KB-IDS Application Design Document3 Graphical User Interface Threat Weighting Unit SQLite KBTA … Processors Service NetProtect Control Center Agent

4 Primary system requirements Functional Non-Functional  Agent  Feature extraction  Sending of extracted features to processors and Control Center  Receive alerts from the Threat Weighting Unit  KBTA Processor  Processing according to the KBTA algorithm  Producing threat assessments  Threat Weighting Unit  Threat assessment weighting  Sending of assessments to the Agent  Overall CPU usage should be under 10% (must be lightweight) KB-IDS Application Design Document4

5 Agent - main classes KB-IDS Application Design Document5 Feature Manager SQLite Linux Kernel Application Framework Graphical User Interface Agent Service Processor Manager Configuration Manager Alert Handler Threat Weighting Unit Feature Extractor Monitored Data Processor KBTA Processors NetProtect Control Center

6 Overview of the KBTA Algorithm Securing Android-based Devices T+96 Knowledge (KBTA Security ontology) Four inference mechanisms: - Temporal Context Forming - Contemporaneous Abstraction - Temporal Interpolation - Temporal Pattern Matching Higher Level Meaningful Temporal Information: - Contexts - Abstractions (Trends, States) - Temporal Patterns Time-Stamped Raw Data: - Primitive Parameters - Events

7 Overview of the KBTA Algorithm Ontology ontology; InstanceContainer instances; incrementalKBTA(List primitives, List events){ instances.add(primitives); instances.add(events); while (instances.hasNew()){ createContexts(instances, ontology); createAbstractions(instances, ontology); interpolateAbstractions(instances, ontology); } createPatterns(instances, ontology); } Ontology ontology; InstanceContainer instances; incrementalKBTA(List primitives, List events){ instances.add(primitives); instances.add(events); while (instances.hasNew()){ createContexts(instances, ontology); createAbstractions(instances, ontology); interpolateAbstractions(instances, ontology); } createPatterns(instances, ontology); } Securing Android-based Devices T+97

8 8 Overview of the KBTA Algorithm Example Scenario Apps_With_Permission_Camera Many_Apps_With_Camera_Permission Camera_Usage Pictures_Taken Camera_Abuse Amount of non- system applications with the Camera permission Amount of pictures taken in the last 2 minutes Primitive Legen d Context State Alert

9 KBTA-Processor- Main Classes KB-IDS Application Design Document9 Service Agent Threat Weighting Unit KBTA-Processor NetProtect Control Center Ontology Instance Container Pattern State Trend Context Primitive Event Threat Assessor Threat Assessment

10 Overview of User Interface Securing Android-based Devices T+910 Main screen Settings screen Alert screen

11 Overview of User Interface Securing Android-based Devices T+911 Alert description Alert handled

12 Task List  KBTA  Context Destructions 19/05/09 - 21/05/09  Trend 21/05/09 - 25/05/09  Pattern 25/04/09 - 01/06/09  Settings Screen 01/06/09 - 06/06/09  Sending elements to NetProtect 06/06/09 - 08/06/09  Testing 08/06/09 - 23/06/09 Securing Android-based Devices T+912

13 End Questions? KB-IDS Application Design Document13

Download ppt "KB-IDS Application Design Document1 KB-IDS – Application Design Document Knowledge-based Temporal Abstraction Host- based Intrusion Detection System for."

Similar presentations

Purdue University Center for Education and Research in Information Assurance and Security Building a distributed intrusion detection system with Perl Diego.

Purdue University Center for Education and Research in Information Assurance and Security Building a distributed intrusion detection system with Perl Diego.
PlanetLab V3 and beyond Steve Muir Princeton University September 17, 2004.

PlanetLab V3 and beyond Steve Muir Princeton University September 17, 2004.
COMP4710 Senior Design Process Documentation and Deliverables.

COMP4710 Senior Design Process Documentation and Deliverables.
May 12, 2015IEEE Network Management Symposium Page-1 Requirements for Configuration Management of IP-based Networks Luis A. Sanchez Chief Technology Officer,

May 12, 2015IEEE Network Management Symposium Page-1 Requirements for Configuration Management of IP-based Networks Luis A. Sanchez Chief Technology Officer,
ABHIJIT PATHAK ABHIJIT PATHAK. Roadmap Introduction Introduction System Overview System Overview System Architecture System Architecture Detailed Design.

ABHIJIT PATHAK ABHIJIT PATHAK. Roadmap Introduction Introduction System Overview System Overview System Architecture System Architecture Detailed Design.
SOCIAL NETWORK INFORMATION CONSOLIDATION Developers:  Klasquin Tomer  Nisimov Yaron  Rabih Erez Advisors:  Academic: Prof. Elovici Yuval  Technical:

SOCIAL NETWORK INFORMATION CONSOLIDATION Developers:  Klasquin Tomer  Nisimov Yaron  Rabih Erez Advisors:  Academic: Prof. Elovici Yuval  Technical:
Xyleme A Dynamic Warehouse for XML Data of the Web.

Xyleme A Dynamic Warehouse for XML Data of the Web.
Team: Maya Zalcberg Diana Attar Levona Hershtik Academic advisor: Prof. Ehud Gudes ADD Presentation.

Team: Maya Zalcberg Diana Attar Levona Hershtik Academic advisor: Prof. Ehud Gudes ADD Presentation.
Academic Advisor - Dr. Meir Kelah Technical Advisor - Mr. Roni Stern Members: Shimrit Yacobi Yuval Binenboim Moran Lev Lehman Sharon Shabtai.

Academic Advisor - Dr. Meir Kelah Technical Advisor - Mr. Roni Stern Members: Shimrit Yacobi Yuval Binenboim Moran Lev Lehman Sharon Shabtai.
Securing Android-based Devices T+91 KB-IDS - Prototype Knowledge-based Temporal Abstraction Host- based Intrusion Detection System for Android Version.

Securing Android-based Devices T+91 KB-IDS - Prototype Knowledge-based Temporal Abstraction Host- based Intrusion Detection System for Android Version.
Barak Agiv Itamar Ben-Zaken Barak Nahum Vladislav Smolensky Academic Advisor: Yuval Elovici Professional Advisor: Mira Balaban.

Barak Agiv Itamar Ben-Zaken Barak Nahum Vladislav Smolensky Academic Advisor: Yuval Elovici Professional Advisor: Mira Balaban.
Use cases and requirement specification - 1 Use case diagrams 3 use cases System boundaries Remember: Use case diagramming is a tool, not the requirements.

Use cases and requirement specification - 1 Use case diagrams 3 use cases System boundaries Remember: Use case diagramming is a tool, not the requirements.
AGENT-BASED APPROACH FOR ELECTRICITY DISTRIBUTION SYSTEMS University of Jyväskylä University of Vaasa Acknowledgements: Industrial Ontologies Group.

AGENT-BASED APPROACH FOR ELECTRICITY DISTRIBUTION SYSTEMS University of Jyväskylä University of Vaasa Acknowledgements: Industrial Ontologies Group.
Lecturer: Dr. AJ Bieszczad Chapter 66-1 Object-Oriented analysis and design Special nature of OO development Use cases Design with UML OO system design.

Lecturer: Dr. AJ Bieszczad Chapter 66-1 Object-Oriented analysis and design Special nature of OO development Use cases Design with UML OO system design.
KB-IDS. Academic Advisor: Dr. Yuval Elovici Technical Advisor: Asaf Shabtai Team Members: Eliya Rahamim Elad Ankry Uri Kanonov.

KB-IDS. Academic Advisor: Dr. Yuval Elovici Technical Advisor: Asaf Shabtai Team Members: Eliya Rahamim Elad Ankry Uri Kanonov.
SOCIAL NETWORK INFORMATION CONSOLIDATION Developers:  Klasquin Tomer  Nisimov Yaron  Rabih Erez Advisors:  Academic: Elovici Yuval  Technical: Lesser.

SOCIAL NETWORK INFORMATION CONSOLIDATION Developers:  Klasquin Tomer  Nisimov Yaron  Rabih Erez Advisors:  Academic: Elovici Yuval  Technical: Lesser.
ACADEMIC ADVISOR DR. YUVAL ELOVICI TECHNICAL ADVISOR ASAF SHABTAI TEAM MAOR GUETTA, ARKADY MISHIEV Distributed - KBTA: A Distributed Framework for efficient.

ACADEMIC ADVISOR DR. YUVAL ELOVICI TECHNICAL ADVISOR ASAF SHABTAI TEAM MAOR GUETTA, ARKADY MISHIEV Distributed - KBTA: A Distributed Framework for efficient.
Mining Behavior Models Wenke Lee College of Computing Georgia Institute of Technology.

Mining Behavior Models Wenke Lee College of Computing Georgia Institute of Technology.
PARALLEL COMPUTATION OF KNOWLEDGE-BASED TEMPORAL ABSTRACTION Academic advisor Dr. Yuval Elovici Technical advisor Asaf Shabtai Team Maor Guetta, Arkady.

PARALLEL COMPUTATION OF KNOWLEDGE-BASED TEMPORAL ABSTRACTION Academic advisor Dr. Yuval Elovici Technical advisor Asaf Shabtai Team Maor Guetta, Arkady.
Application Design. Academic Advisor: Dr. Yuval Elovici Professional Advisor: Yuri Granovsky Team: Yuri Manusov Yevgeny Fishman Boris Umansky.

Application Design. Academic Advisor: Dr. Yuval Elovici Professional Advisor: Yuri Granovsky Team: Yuri Manusov Yevgeny Fishman Boris Umansky.

Similar presentations

Ads by Google