Yet Another Local Search Method for Constraint Solving
SAGA '01 Proceedings of the International Symposium on Stochastic Algorithms: Foundations and Applications
Hardening Network Infrastructure
Hardening Network Infrastructure
Snort 2.1 Intrusion Detection, Second Edition
Snort 2.1 Intrusion Detection, Second Edition
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Constraint-Based Local Search
Handbook of Constraint Programming (Foundations of Artificial Intelligence)
Handbook of Constraint Programming (Foundations of Artificial Intelligence)
Handbook of Satisfiability: Volume 185 Frontiers in Artificial Intelligence and Applications
Handbook of Satisfiability: Volume 185 Frontiers in Artificial Intelligence and Applications
A DSL for intrusion detection based on constraint programming
Proceedings of the 3rd international conference on Security of information and networks
Using constraints for intrusion detection: the NeMODe system
PADL'11 Proceedings of the 13th international conference on Practical aspects of declarative languages
Bio-inspired computation: success and challenges of IJBIC
International Journal of Bio-Inspired Computation
Hi-index | 0.00 |
NeMODe is a declarative system for computer network intrusion detection, providing a declarative domain specific language for describing network intrusion signatures which can span several network packets, by stating constraints over network packets, describing relations between several packets in a declarative and expressive way. It provides several back-end detection mechanisms, all based on a constraint programming framework, to perform the detection of the desired signatures. In this work, we demonstrate how to model and perform the detection of distributed network attacks using each of the detection mechanisms provided by NeMODe, based in Gecode, adaptive search and MiniSat to perform the detection of the specific intrusions. We also use the sliding network traffic window version of the adaptive search back-end detection mechanism to simulate live network traffic and evaluate the performance of the system in conditions near to real life networks.