|
Published Articles >> Table of Contents >> Abstract
The Second International Conference on Availability, Reliability and Security (ARES'07)
pp. 206-212
Specification and Detection of TCP/IP Based Attacks Using the ADM-Logic
Meriam Ben Ghorbel, Digital Security Unit, Higher School of Communication,Tunis, Tunisia
Mehdi Talbi, Digital Security Unit, Higher School of Communication,Tunis, Tunisia
Mohamed Mejri, Laval University,Quebec, Canada
Full Article Text:
  
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2007.142
Send link to a friend
| Abstract |
|
Intrusion detection systems (IDS) are considered nowadays
as one of the most important components in the security
architecture of information systems. For a Misusebased
IDS, also known as signature based IDS, the effi-
ciency of detection is highly correlated to the quality of signatures.
It is therefore very important to select a suitable
formal language that provides both high expressiveness and
simplicity when specifying attack signatures. It is also fundamental
to have a user friendly and automatic tool allowing
the specification and the verification of these signatures.
This paper shows the efficiency and the suitability of the
ADM-logic as a and formal language to specify a large
variety of signatures characterizing attacks based on the
TCP/IP protocols. A prototype of an IDS based on this logic
will be also introduced.
|
 Additional Information
|
Citation:
Meriam Ben Ghorbel, Mehdi Talbi, Mohamed Mejri,
"Specification and Detection of TCP/IP Based Attacks Using the ADM-Logic,"
ares,
pp. 206-212,
The Second International Conference on Availability, Reliability and Security (ARES'07),
2007
|
|
