An efficient formal framework for intrusion detection systems

Mohsen Rouached, Hassen Sallay

Research output: Contribution to journalArticle

4 Citations (Scopus)

Abstract

Traffic anomalies and attacks are commonplace in today's networks, and identifying them rapidly and accurately is critical for large network operators. Intrusion detection systems are an important component of defensive measures protecting computer systems and networks from abuse. For an intrusion detection system, it is important to detect previously known attacks with high accuracy. However, detecting previously unseen attacks is equally important in order to minimize the losses as a result of a successful intrusion. It is also equally important to detect attacks at an early stage in order to minimize their impact. To address these challenges, this paper proposes to improve the efficiency of the network intrusion detection process by including an Event Calculus based specification to detect the registered and expected behaviour of the whole network.

Original languageEnglish
Pages (from-to)968-975
Number of pages8
JournalProcedia Computer Science
Volume10
DOIs
Publication statusPublished - 2012

Keywords

  • Formal Specification
  • High Speed Networks
  • Intrusion detection systems
  • Verification and Validation

ASJC Scopus subject areas

  • Computer Science(all)

Fingerprint Dive into the research topics of 'An efficient formal framework for intrusion detection systems'. Together they form a unique fingerprint.

  • Cite this