, <?xml version ="1.0" encoding ="utf-8"?> 2 <xs:schema xmlns:xs=

, <xs:appinfo>ECSLA, a DSL for security monitoring SLA description in cloud</xs:appinfo> 8 <xs:documentation xml:lang="en

, Schema for the ECSLA, an extention for CSLA Language

. </xs, , p.documentation>

, CloudServiceType "> 16 <xs:choice > 17 <xs:element numbersname=" software " numberstype="csla: SoftwareType " 18 numbersminOccurs ="1" numbersmaxOccurs ="1"/> 19 <xs:element numbersname=" platform " numberstype="csla: PlatformType, </xs:annotation> 14 15 <xs:complexType numbersname=

. </xs,

, SecurityMonitoringType "> 29 <xs:sequence > 30 <xs:element numbersname=" product " numberstype="csla: ProductType " numbersminOccurs ="1" 31 numbersmaxOccurs =" unbounded "/> 32 <xs:element numbersname=" vulnerabilities " numberstype="csla: VulnerabilitiesType " 33 numbersminOccurs ="0" numbersmaxOccurs =" unbounded "/> 34 <xs:element numbersname=, </xs:complexType > 27 28 <xs:complexType numbersname=

, </xs:sequence >

. </xs, ProductType "> 40 <xs:sequence > 41 <xs:element numbersname="mode" numberstype="csla: ModeType " numbersminOccurs ="1" 42 numbersmaxOccurs

, </xs:sequence > 44 <xs:attribute numbersname="id" numberstype="xs:string "/> 45 <xs:attribute numbersname="name" numberstype="xs:string "/> 46 <xs:attribute numbersname="mode" numberstype="xs:integer "/> 47 <xs:attribute numbersname=" version " numberstype="xs:string "/>

. </xs, complexType > 58 </xs:complexType > 59 60 <xs:complexType numbersname=" VulnerabilityType "> 61 <xs:attribute numbersname="id" numberstype="xs:string "/> 62 <xs:attribute numbersname="cve" numberstype="xs:string "/> 63 <xs:attribute numbersname=" description " numberstype="xs:string "/>

. </xs, MetricType"> 68 <xs:sequence> 69 <xs:element name="description" type="xs:string" minOccurs="1" maxOccurs="1"/> 70 <xs:element name=

, </xs:sequence> 72 <xs:attribute name="id" type="xs:string"/> 73 <xs:attribute name="name" type="xs:string"/>

&. , Type can be simple of complex --> 75 <xs:attribute name="type" type="xs:string"/> 76 <xs:attribute name=

. </xs,

A. Teshome, L. Rilling, and C. Morin, Verification for security monitoring slas in iaas clouds: The example of a network ids, NOMS 2018-2018 IEEE/IFIP Network Operations and Management Symposium, pp.1-7, 2018.

Y. Kouki and T. Ledoux, Csla: a language for improving cloud sla management, International Conference on Cloud Computing and Services Science, pp.586-591, 2012.
URL : https://hal.archives-ouvertes.fr/hal-00675077

R. Bejtlich, The Tao of network security monitoring: beyond intrusion detection. Pearson Education, 2004.

, Practical guide to cloud service level agreements version 2.0, Cloud Standards Customer Council (CSCC), 2015.

S. Axelsson, The base-rate fallacy and its implications for the difficulty of intrusion detection, Proceedings of the 6th ACM Conference on Computer and Communications Security, pp.1-7, 1999.

H. Ludwig, A. Keller, A. Dan, R. P. King, and R. Franck, Web service level agreement (wsla) language specification

A. Andrieux, K. Czajkowski, A. Dan, K. Keahey, H. Ludwig et al., Web services agreement specification (ws-agreement), Open grid forum, vol.128, p.216, 2007.

D. D. Lamanna, J. Skene, and W. Emmerich, Slang: A language for defining service level agreements, NINTH IEEE WORKSHOP ON FUTURE TRENDS OF DISTRIBUTED COMPUTING SYSTEMS, pp.100-106, 2003.

R. B. Uriarte, F. Tiezzi, and R. D. Nicola, Slac: A formal service-level-agreement language for cloud computing, Proceedings of the 2014 IEEE/ACM 7th International Conference on Utility and Cloud Computing, pp.419-426, 2014.

D. E. Irwin, L. E. Grit, and J. S. Chase, Balancing risk and reward in a market-based task service, pp.160-169, 2004.

, GFD.224 -Open Cloud Computing Interface -Infrastructure, 2018.

Y. Kouki, SLA-driven cloud elasticity anagement approach, Theses, Ecole des Mines de Nantes, 2013.
URL : https://hal.archives-ouvertes.fr/tel-00919900

P. Wieder, J. M. Butler, W. Theilmann, and R. Yahyapour, Service level agreements for cloud computing, 2011.

, Common Vulnerabilities and Exposures, 2018.

G. Gu, P. Fogla, D. Dagon, W. Lee, and B. Skori?, Measuring intrusion detection capability: an information-theoretic approach, Proceedings of the 2006 ACM Symposium on Information, pp.90-101, 2006.

, Amazon Compute Service Level Agreement, 2018.

D. Balouek, A. Amarie, G. Charrier, F. Desprez, E. Jeannot et al., Adding virtualization capabilities to the Grid'5000 testbed," in Cloud Computing and Services Science, ser. Communications in Computer and Information Science, vol.367, pp.3-20, 2013.

, Open source software for creating private and public clouds, 2018.

, Open vSwitch is a production quality, multilayer virtual switch, 2018.

, An open source intrusion detection and prevention system, 2018.

E. Raftopoulos and X. Dimitropoulos, A quality metric for ids signatures: in the wild the size matters, EURASIP Journal on Information Security, vol.2013, issue.1, p.7, 2013.

A. Milenkoski, K. Jayaram, N. Antunes, M. Vieira, and S. Kounev, Quantifying the attack detection accuracy of intrusion detection systems in virtualized environments, Software Reliability Engineering (ISSRE), pp.276-286, 2016.

, Open Source vulnerability scanner and manager (OpenVAS), 2018.

.. .. Objectives,

.. .. Contributions,

S. .. Kpi-for-security-monitoring,

, Extended Cloud Service Level Agreement (ECSLA), vol.8

. .. Csla,

S. .. Security-monitoring,

, Including Unknown Base Rate Values in SLO 14

C. .. Assumptions,

, Modeling Rule Interference and its Effect on NIDS Performance, p.17

, 18 6.2.3 Interference vector (IV) and interference matrix (IM)

, Building a Knowledge Base by Clustering Vulnerabilities, p.23

.. .. Experimental-setup,

, Collecting Data Points and Generating an Estimation Model, p.25

. .. Clustering-nids-rules, 27 7.3.2 Grouping based on attack type and severity

.. .. Discussion,

, Conclusion and Future Work 30

.. .. Conclusion,

.. .. Future-work, , p.33

. Xml and . .. Ecsla,