Network Intrusion Detection with Constraints

In this work we present NeMODe a declarative system for Computer Network Intrusion detection providing a declarative Domain Specific Language for describing computer network intrusion signatures that can spread across several network packets, which allows to state constraints over network packets, d...

Full description

Bibliographic Details
Main Author: Salgueiro, Pedro (author)
Other Authors: Abreu, Salvador (author)
Format: article
Language:por
Published: 2022
Subjects:
Online Access:http://hdl.handle.net/10174/32367
Country:Portugal
Oai:oai:dspace.uevora.pt:10174/32367
Description
Summary:In this work we present NeMODe a declarative system for Computer Network Intrusion detection providing a declarative Domain Specific Language for describing computer network intrusion signatures that can spread across several network packets, which allows to state constraints over network packets, describing relations between several packets. NeMODe provides several back-end detection mechanisms relying on Constraint Programming (CP) methodologies to find those intrusions.