Formal analysis of intrusion detection systems for high speed networks

Mohsen Rouached*, Hassen Sallay, Ouissem Ben Fredj, Adel Ammar, Khaled Al-Shalfan, Majdi Ben Saad

*المؤلف المقابل لهذا العمل

نتاج البحث

3 اقتباسات (Scopus)

ملخص

Network Intrusion Detection System (NIDS) is an important and practical tool for network security. To guarantee a precise detection, the NIDS must detect packets at a wire speed. However, with the recent trend of high-speed networks, the capability of a single NIDS cannot meet the speed's demand, resulting in rising of false negatives. To address this problem, Specification-based techniques have been proposed as a promising alternative that combine the strengths of misuse and anomaly detection. In this paper, we present an event calculus (EC) based framework towards the formal analysis of NIDS. This framework checks that security requirements and assumptions are preserved at run-time by monitoring the satisfaction of EC formulas that formalize them using the detection rules. This can be done by observing the network at run-time and checking observations against specified network behavior trying to detect deviations from what is specified.

اللغة الأصليةEnglish
عنوان منشور المضيفAdvances in E-Activities, Information Security and Privacy - 9th WSEAS Int. Conference on E-Activities, E-ACTIVITIES'10, 9th WSEAS Int. Conference on Information Security and Privacy, ISP'10
الصفحات109-114
عدد الصفحات6
حالة النشرPublished - 2010
الحدث9th WSEAS International Conference on E-Activities, E-ACTIVITIES'10, 9th WSEAS International Conference on Information Security and Privacy, ISP'10 - Merida
المدة: ديسمبر ١٤ ٢٠١٠ديسمبر ١٦ ٢٠١٠

سلسلة المنشورات

الاسمAdvances in E-Activities, Information Security and Privacy - 9th WSEAS Int. Conference on E-Activities, E-ACTIVITIES'10, 9th WSEAS Int. Conference on Information Security and Privacy, ISP'10

Other

Other9th WSEAS International Conference on E-Activities, E-ACTIVITIES'10, 9th WSEAS International Conference on Information Security and Privacy, ISP'10
الدولة/الإقليمVenezuela, Bolivarian Republic of
المدينةMerida
المدة١٢/١٤/١٠١٢/١٦/١٠

ASJC Scopus subject areas

  • ???subjectarea.asjc.1700.1710???

بصمة

أدرس بدقة موضوعات البحث “Formal analysis of intrusion detection systems for high speed networks'. فهما يشكلان معًا بصمة فريدة.

قم بذكر هذا