Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SPIN
2009
Springer
2009
Springer
Identifying Modeling Errors in Signatures by Model Checking
: Most intrusion detection systems deployed today apply misuse detection as analysis method. Misuse detection searches for attack traces in the recorded audit data using predefined patterns. The matching rules are called signatures. The definition of signatures is up to now an empirical process based on expert knowledge and experience. The analysis success and accordingly the acceptance of intrusion detection systems in general depend essentially on the topicality of the deployed signatures. Methods for a systematic development of signatures have scarcely been reported yet, so the modeling of a new signature is a time-consuming, cumbersome, and errorprone process. The modeled signatures have to be validated and corrected to improve their quality. So far only signature testing is applied for this. Signature testing is still a rather empirical and time-consuming process to detect modeling errors. In this paper we present the first approach for verifying signature specifications using the...
Real-time TrafficIntrusion Detection Systems | Misuse Detection | Signature | SPIN 2009 | Theoretical Computer Science |
| Added | 27 May 2010 |
| Updated | 27 May 2010 |
| Type | Conference |
| Year | 2009 |
| Where | SPIN |
| Authors | Sebastian Schmerl, Michael Vogel, Hartmut König |
Comments (0)
Researcher Info
|
