Using constraints for intrusion detection: the NeMODe system

In this work we present NeMODe a declarative system for Computer Network Intrusion detection which provides a declarative Domain Specific Language for describing computer network intrusion signatures that could spread across several network packets, which allows to state constraints over network pac...

Full description

Bibliographic Details
Main Author: Salgueiro, Pedro (author)
Other Authors: Diaz, Daniel (author), Brito, Isabel (author), Salvador, Abreu (author)
Format: conferenceObject
Language:eng
Published: 2013
Subjects:
Computer science
Artificial intelligence
Programming
Domain specific languages
Intrusion detection systems
Online Access:http://hdl.handle.net/20.500.12207/649
Country:Portugal
Oai:oai:repositorio.ipbeja.pt:20.500.12207/649
Description
Summary:In this work we present NeMODe a declarative system for Computer Network Intrusion detection which provides a declarative Domain Specific Language for describing computer network intrusion signatures that could spread across several network packets, which allows to state constraints over network packets, describing relations between several packets, and providing several back-end detection mechanisms which relies on Constraint Programming (CP) methodologies to find those intrusions.

Similar Items