A DSL for intrusion detection based on constraint programming

Authors:
Pedro D. Salgueiro;Salvador P. Abreu
Affiliations:
Universidade de Évora, Évora, Portugal;Universidade de Évora, Évora, Portugal
Venue:
Proceedings of the 3rd international conference on Security of information and networks
Year:
2010

Citing 11
Cited 2

Domain-specific languages: an annotated bibliography

ACM SIGPLAN Notices
Yet Another Local Search Method for Constraint Solving

SAGA '01 Proceedings of the International Symposium on Stochastic Algorithms: Foundations and Applications
Snort 2.1 Intrusion Detection, Second Edition

Snort 2.1 Intrusion Detection, Second Edition
Snort - Lightweight Intrusion Detection for Networks

LISA '99 Proceedings of the 13th USENIX conference on System administration
Efficient packet classification for network intrusion detection using FPGA

Proceedings of the 2005 ACM/SIGDA 13th international symposium on Field-programmable gate arrays
Constraint-Based Local Search

Constraint-Based Local Search
Introduction to the cell multiprocessor

IBM Journal of Research and Development - POWER5 and packaging
Nagios: System and Network Monitoring

Nagios: System and Network Monitoring
Handbook of Constraint Programming (Foundations of Artificial Intelligence)

Handbook of Constraint Programming (Foundations of Artificial Intelligence)
HAMPI: a solver for string constraints

Proceedings of the eighteenth international symposium on Software testing and analysis
Regular Expression Matching on Graphics Hardware for Intrusion Detection

RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection

Using constraints for intrusion detection: the NeMODe system

PADL'11 Proceedings of the 13th international conference on Practical aspects of declarative languages
Modelling distributed network attacks with constraints

International Journal of Bio-Inspired Computation

Quantified Score

Hi-index	0.00

Visualization

Abstract

Intrusion Detection Systems (IDS) are increasingly important in computer networks, allowing the early diagnosis and detection of anomalous situations, which could otherwise put network performance at risk or even compromise the security or integrity of user data. In this work we present NeMODe, a domain specific language for network intrusion detection that allows to describe network intrusions that spread across several network packets, relying on Constraint Programming(CP), a programming methodology that starts with a declarative description of the desirable network situations and, based on that description, a set of parameterizations for network intrusion detection mechanisms will execute to find those intrusions.