Network Intrusion Detection with Constraints

In this work we present NeMODe a declarative system for Computer Network Intrusion detection providing a declarative Domain Specific Language for describing computer network intrusion signatures that can spread across several network packets, which allows to state constraints over network packets, d...

ver descrição completa

Detalhes bibliográficos
Autor principal: Salgueiro, Pedro (author)
Outros Autores: Abreu, Salvador (author)
Formato: article
Idioma:por
Publicado em: 2022
Assuntos:
Constraint Programming
Intrusion Detection Systems
Domain Specific Languages
Texto completo:http://hdl.handle.net/10174/32367
País:Portugal
Oai:oai:dspace.uevora.pt:10174/32367
Descrição
Resumo:In this work we present NeMODe a declarative system for Computer Network Intrusion detection providing a declarative Domain Specific Language for describing computer network intrusion signatures that can spread across several network packets, which allows to state constraints over network packets, describing relations between several packets. NeMODe provides several back-end detection mechanisms relying on Constraint Programming (CP) methodologies to find those intrusions.

Registos relacionados