Towards a taxonomy of intrusion-detection systems
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Bro: a system for detecting network intruders in real-time
Computer Networks: The International Journal of Computer and Telecommunications Networking
STATL: an attack language for state-based intrusion detection
Journal of Computer Security
Distributed Performance Monitoring: Methods, Tools, and Applications
IEEE Transactions on Parallel and Distributed Systems
Experiences with Specification-Based Intrusion Detection
RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
On the Design of the New Testing Language TTCN-3
TestCom '00 Proceedings of the IFIP TC6/WG6.1 13th International Conference on Testing Communicating Systems: Tools and Techniques
Timed TTCN-3 - A Real-time Extension for TTCN-3
TestCom '02 Proceedings of the IFIP 14th International Conference on Testing Communicating Systems XIV
A TTCN-3 Based Online Test and Validation Platform for Internet Services
ISADS '03 Proceedings of the The Sixth International Symposium on Autonomous Decentralized Systems (ISADS'03)
Test Purposes: Adapting the Notion of Specification to Testing
Proceedings of the 16th IEEE international conference on Automated software engineering
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Beyond bloom filters: from approximate membership checks to approximate state machines
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Synthesizing fast intrusion prevention/detection systems from high-level specifications
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
An EFSM-based intrusion detection system for ad hoc networks
ATVA'05 Proceedings of the Third international conference on Automated Technology for Verification and Analysis
Hi-index | 0.00 |
We explore the idea of using the internationally standardized test language TTCN-3 (Testing and Test Control Notation) as a platform for Intrusion Detection (ID) systems. Intrusion detection is treated as an application of verification by passive testing. It is argued that TTCN contains many features embodied in various "detection languages", and is relevant for ID. As a case study, we discuss a TTCN-based IDS for detecting the Smurfattack.