Formal specication of intrusion signatures and detection rules

@article{Pouzol2002FormalSO,
  title={Formal specication of intrusion signatures and detection rules},
  author={Jean-Philippe Pouzol and Mireille Ducass{\'e}},
  journal={Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15},
  year={2002},
  pages={60-}
}
1 Misuse intrusion detection systems detect signatures of attack scenarios. Existing systems are split into two categories: transition-based and declarative. In the transitionbased systems what are the significant traces of attacks is hidden behind how they should be detected. This means that writing a signature is a very heavy task. In the declarative systems the signatures only contain what are the significant traces of attacks and an algorithm addresses how they should be detected. Writing… CONTINUE READING

Citations

Publications citing this paper.

Similar Papers

Loading similar papers…