A Temporal Logic Based Framework for Intrusion Detection

@inproceedings{Naldurg2004ATL,
  title={A Temporal Logic Based Framework for Intrusion Detection},
  author={Prasad Naldurg and Koushik Sen and Prasanna Thati},
  booktitle={FORTE},
  year={2004}
}
We propose a framework for intrusion detection that is based on runtime monitoring of temporal logic specifications. We specify intrusion patterns as formulas in an expressively rich and efficiently monitorable logic called Eagle. Eagle supports data-values and parameterized recursive equations, and allows us to succinctly express security attacks with complex temporal event patterns, as well as attacks whose signatures are inherently statistical in nature. We use an online monitoring algorithm…

Citations

Publications citing this paper.
SHOWING 1-10 OF 36 CITATIONS

Behaviour-based virus analysis and detection

CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

A misuse-based network Intrusion Detection System using Temporal Logic and stream processing

  • 2011 5th International Conference on Network and System Security
  • 2011
CITES METHODS
HIGHLY INFLUENCED

TeStID : A High Performance Temporal Intrusion Detection System

CITES METHODS & BACKGROUND
HIGHLY INFLUENCED

Behaviour-based virus detection system using Interval Temporal Logic

  • 2011 6th International Conference on Risks and Security of Internet and Systems (CRiSIS)
  • 2011
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

References

Publications referenced by this paper.
SHOWING 1-10 OF 20 REFERENCES

Log auditing through model-checking

  • Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001.
  • 2001
HIGHLY INFLUENTIAL

Efficient decentralized monitoring of safety in distributed systems

  • Proceedings. 26th International Conference on Software Engineering
  • 2004

Online efficient predictive safety analysis of multithreaded programs

  • International Journal on Software Tools for Technology Transfer
  • 2004

Program monitoring with LTL in EAGLE

  • 18th International Parallel and Distributed Processing Symposium, 2004. Proceedings.
  • 2004

Intrusion detection via static analysis

  • Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001
  • 2001

Monitoring Java Programs with Java PathExplorer

  • Electr. Notes Theor. Comput. Sci.
  • 2001

A datamining framework for building intrusion detection models

W. Lee
  • IEEE Symposium on Security and Privacy
  • 1999