Communicating sequential processes
Communicating sequential processes
TCP/IP and related protocols
Bro: a system for detecting network intruders in real-time
Computer Networks: The International Journal of Computer and Telecommunications Networking
Building Internet firewalls (2nd ed.)
Building Internet firewalls (2nd ed.)
The Theory and Practice of Concurrency
The Theory and Practice of Concurrency
Model-based analysis of configuration vulnerabilities
Journal of Computer Security
On Preventing Intrusions by Process Behavior Monitoring
Proceedings of the Workshop on Intrusion Detection and Network Monitoring
Using Model Checking to Analyze Network Vulnerabilities
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Computers and Electrical Engineering
Analysing the information flow properties of object-capability patterns
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Hi-index | 0.00 |
In this paper we demonstrate the modelling and analysis of intrusion detection systems and their environment using the process algebra Communicating Sequential Processes and its model checker FDR. We show that this analysis can be used to discover attack strategies that can be used to blind an intrusion detection system, even a hypothetically perfect one that knows all the weaknesses of its protected host. We give an exhaustive analysis of all such attack possibilities. We discuss how to strengthen the intrusion detection systems to prevent these attacks, and finally we show how we can use data independence techniques to verify the corrected versions.