A Declarative Approach to Stateful Intrusion Detection and Network Monitoring

In this paper we present a new approach to stateful intrusion detection. It is based on a temporal logic that can express temporary properties, which are properties lying between events. The detection of those events can in turn depend on other temporary properties. The aim of this logic is to model knowledge gathering. It is basically…