Abstract
Traffic anomalies and attacks are commonplace in today's networks, and identifying them rapidly and accurately is critical for large network operators. Intrusion detection systems are an important component of defensive measures protecting computer systems and networks from abuse. For an intrusion detection system, it is important to detect previously known attacks with high accuracy. However, detecting previously unseen attacks is equally important in order to minimize the losses as a result of a successful intrusion. It is also equally important to detect attacks at an early stage in order to minimize their impact. To address these challenges, this paper proposes to improve the efficiency of the network intrusion detection process by including an Event Calculus based specification to detect the registered and expected behaviour of the whole network.
| Original language | English |
|---|---|
| Pages (from-to) | 968-975 |
| Number of pages | 8 |
| Journal | Procedia Computer Science |
| Volume | 10 |
| DOIs | |
| Publication status | Published - 2012 |
| Externally published | Yes |
| Event | 3rd International Conference on Ambient Systems, Networks and Technologies, ANT 2012 and 9th International Conference on Mobile Web Information Systems, MobiWIS 2012 - Niagara Falls, ON, Canada Duration: Aug 27 2012 → Aug 29 2012 |
Keywords
- Formal Specification
- High Speed Networks
- Intrusion detection systems
- Verification and Validation
ASJC Scopus subject areas
- General Computer Science