Intrusion detection aware component-based systems: A specification-based framework
Journal of Systems and Software
International Journal of Information and Computer Security
Bridging the gap: software specification meets intrusion detector
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
| Hi-index | 0.00 |
To protect software against malicious activities, organizations are required to monitor security breaches. Intrusion Detection Systems (IDS) are those kinds of monitoring tools that have gained a considerable amount of popularity. A number of specification-based IDSs have been proposed, where security requirements or attack scenarios are specified using some languages. Currently, attack specification languages are being deployed for describing security requirements. Use of two different languages for software specification and security specification invites a number of unwanted but complicated issues, such as duplication of requirements specification effort as well as the existence of redundant and conflicting requirements. In this paper, we present an intrusion detection technique that uses a formal software specification language called Abstract State Machine Language (AsmL) for the specification of security requirements. We present a framework, and develop the algorithm for the IDS that interprets the AsmL attack scenario specifications in order to detect intrusions. Moreover, we discuss case studies where the presented intrusion detection system is used to detect attacks.