Abstract:

Nowadays, information systems are subject to several kinds of attacks that threaten their normal behavior and even may lead to the loss of provided services. These attacks have an effect directly on the quality of information systems that should be monitored in a continuous manner in order to detect possible degradation of quality metrics and to react in an efficient manner to maintain acceptable values for such metrics and therefore guarantee the required services. The degradation of quality metrics may be a useful mean to detect malicious activities that are not reported by intrusion detection systems. This paper deals with this need by proposing a novel Petri Net-based approach that enables the detection of attacks even if there are missing or false alerts by introducing novel kind of transitions that ensure the evaluation of the degradation of the quality of IS resources in addition the identification of the most probable transitions. The efficiency of the proposed scheme is evaluated by considering the Petri Net that models a sales management information system and the set of attached quality parameters. The proposed scheme enables the prediction of the set of actions that lead to the degradation of the quality of the IS in addition to the localization of IS resources that should be protected.