Abstract
In this work we demonstrate how to model and detect distributed network attacks using NeMODe, a declarative system for computer network intrusion detection. NeMODe provides a declarative Domain Specific Language for describing intrusion signatures that span several network packets: a signature states constraints over network packets, and so describes the relations between several packets in a declarative and expressive way.
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Salgueiro, P., Abreu, S. (2011). Modeling Distributed Network Attacks with Constraints. In: Brazier, F.M.T., Nieuwenhuis, K., Pavlin, G., Warnier, M., Badica, C. (eds) Intelligent Distributed Computing V. Studies in Computational Intelligence, vol 382. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24013-3_20
DOI: https://doi.org/10.1007/978-3-642-24013-3_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24012-6
Online ISBN: 978-3-642-24013-3
eBook Packages: Engineering, Engineering (R0)